Saturday, March 13, 2021

Stories from the SOC – Beaconing Activity

Stories from the SOC is a blog series that describes recent real-world security incident investigations conducted and reported by the AT&T SOC analyst team for AT&T Managed Threat Detection and Response customers.
Executive Summary
Beaconing analysis is one of the most effective methods for threat hunting on your network. In the world of malware, beaconing is the act of sending regular communications from an infected host to an attacker-controlled host to signal that the malware on the infected host is alive and ready for instructions. It is often one of the first indications of a botnet malware infection, so it’s important to spot the beaconing behavior before the infected host can expose data or launch an attack.
The investigation began in response to an Alarm triggered by outgoing TCP traffic to an IP address that was flagged by the AT&T Alien Labs Open Threat…
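The regular check-in pattern described in the summary above can be hunted for by measuring how evenly spaced a host's outbound connections to one destination are. The following is an added example, not code from the original post or from AT&T; the record layout, the thresholds (`min_events`, `max_dispersion`) and the sample data are assumptions made for illustration.

```python
from collections import defaultdict
from statistics import median

def beacon_candidates(records, min_events=6, max_dispersion=0.2):
    """records: iterable of (epoch_seconds, src_ip, dst_ip, dst_port).
    Returns (src, dst, port, median_gap, dispersion) for flows whose
    inter-arrival times are regular enough to resemble a check-in timer."""
    flows = defaultdict(list)
    for ts, src, dst, port in records:
        flows[(src, dst, port)].append(ts)
    hits = []
    for (src, dst, port), times in flows.items():
        if len(times) < min_events:
            continue  # too few samples to judge periodicity
        times.sort()
        gaps = [b - a for a, b in zip(times, times[1:])]
        mid = median(gaps)
        if mid <= 0:
            continue  # simultaneous connections, not a timer
        # Median absolute deviation relative to the median gap: tolerant of
        # a missed check-in, small when jitter around the period is bounded.
        dispersion = median(abs(g - mid) for g in gaps) / mid
        if dispersion <= max_dispersion:
            hits.append((src, dst, port, mid, round(dispersion, 3)))
    return sorted(hits, key=lambda h: h[4])

def constructed_sample():
    """Constructed records using documentation-range IPs (not incident data)."""
    base = 1_615_600_000
    recs = []
    # Host .5: roughly 300 s period with a few seconds of jitter; beat 5 missed.
    jitter = [0, 4, -3, 7, -5, 2, 6, -4, 1, 3]
    for k, j in enumerate(jitter):
        if k != 5:
            recs.append((base + 300 * k + j, "10.0.0.5", "203.0.113.10", 443))
    # Host .9: irregular, user-driven traffic to one site.
    for off in [0, 12, 15, 400, 2100, 2110, 2600, 5000]:
        recs.append((base + off, "10.0.0.9", "198.51.100.7", 443))
    # Host .12: perfectly regular but only three events, below min_events.
    for k in range(3):
        recs.append((base + 60 * k, "10.0.0.12", "198.51.100.20", 80))
    return recs

if __name__ == "__main__":
    for hit in beacon_candidates(constructed_sample()):
        print(hit)
```

Legitimate software such as update checkers and monitoring agents also polls on a timer, so hits from a check like this are leads to correlate with threat intelligence on the destination rather than verdicts.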

Posted by: Sumner Meckel


The post Stories from the SOC – Beaconing Activity appeared first on Cybersecurity Insiders.


March 13, 2021 at 10:00PM
