Threat Response

Hunting for Mythic in network traffic

We analyze the network activity of the Mythic framework, focusing on agent-to-C2 communication, and use signature and behavioral analysis to create detection rules for Network Detection and Response (NDR) solutions.

Related Kaspersky Products & Services
Reports

ToddyCat: your hidden email assistant. Part 2

An in-depth analysis of Umbrij, a new tool used by the ToddyCat APT group to compromise corporate email communications in Gmail. The attack targeted OAuth authorization tokens, allowing threat actors to gain access to Google services.