
Threat Trends: An Episode (Mostly) About Non-Ransomware Cyber Crime
The Defender's Advantage Podcast
The Evolution of Beacon Attack Frameworks
In the early days of Fin6's foray into extortion operations Mandiant had seen three distinct individuals sort of working through a single victim network and in this case each of them was using a different attack framework. And so that just kind of goes to highlight that to some degree there is a sense of sort of personal preference or familiarity that has driven some of the diversity we've seen as well. It's also important to note that in a lot of cases we do see these actors using these frameworks in tandem as I previously suggested right. So you know their decision can be driven by practicalities and change over time as even if they're using cobalt strike potentially they get access to a new cracked copy