Entries filed under 'Indicator of Compromise'
NetTraveler in OpenIOC Format
We noticed some chatter on Twitter that folks were interested in converting elements of <a href="http://www.securelist.com/en/downloads/vlpdfs/kaspersky-the-net-traveler-part1-final.pdf" target="_blank">Kaspersky's NetTraveler report </a>into the <a href="http://www.openioc.org/" target="_blank">OpenIOC format</a>. The NetTraveler report details a set of backdoors, phishing and spear phishing campaigns, and command and control infrastructure for a certain APT group. Mandiant has been tracking this particular group for a number of years.