Reply to post: Re: It had to happen

Half of Q1's malware traffic observed by Sophos was TLS encrypted, hiding inside legit requests to legit services

Anonymous Coward

Re: It had to happen

PS: using stuff like Reddit or Google Docs or Google Calendar or Facebook or even posted in Slack (or IRC!) are all C2 methods I've seen for years and years...

The bad guys will do anything to try and hide their comms, which is why ETDR is a much better way of combatting them than trying to use network tools - and I say that as a network person as much as a security one.
