jlay at ...3266...
Wed Jul 10 09:03:52 EDT 2013
On Jul 10, 2013, at 5:12 AM, Ned Moran <ned at ...3764...> wrote:
> yeah, its been used in an APT campaign to pull down poison ivy.
> unfortunately, i dont have specific examples that I am able share at
> this time.
> On 7/10/13 7:01 AM, James Lay wrote:
>> On Jul 9, 2013, at 8:12 PM, Ned Moran <ned at ...3764...> wrote:
>>> is this what you are referring to https://jrat.pro/ ?
>>> On 7/9/13 10:00 PM, James Lay wrote:
>>>> Anyone see info on this? Trying to find samples or screenshots of c&c traffic or SOMETHING to go on. Thanks all.
Thanks for the insight Ned.
More information about the Snort-sigs