Showing 1 result for: November 2013 ×Incident Response ×

Malicious shells; Established != Active

During a recent investigation, SpiderLabs was presented with evidence that appeared to be contradictory. Evidence from firewall logs and remediation actions taken by the client did not tally with the evidence collected from the compromised system. This blog post discusses...