The Department of Homeland Security’s National Cybersecurity & Communications Integration Center (NCCIC) released a new alert yesterday highlighting five publicly available tools frequently observed in cyber incidents worldwide. The alert was the result of a global effort that included the Australian Cyber Security Centre, the Canadian Centre for Cyber Security, the New Zealand National Cyber Security Centre, and the United Kingdom National Cyber Security Centre. The five publicly available tools highlighted in the alert are: JBiFrost, a remote access trojan; China Chopper, a webshell; Mimikatz, a credential stealer; PowerShell Empire, a lateral movement framework; and HUC Packet Transmitter, a C2 obfuscation and exfiltration tool. In the full alert, NCCIC provides advice on limiting the effectiveness of the tools and detecting their use on a network.
Read More About