"Not to hit the radar". Meanwhile they use outdated known TTPs and lolbins like skids that should be picked up by any org doing command line logging, process creation logging etc. Don't know why everyone keeps harping on that they're stealthy or advanced, they're neither. This is not even close to state of the art. We're talking about things that would have been detected 5+ years ago by any competent organization.
"Not to hit the radar". Meanwhile they use outdated known TTPs and lolbins like skids that should be picked up by any org doing command line logging, process creation logging etc. Don't know why everyone keeps harping on that they're stealthy or advanced, they're neither. This is not even close to state of the art. We're talking about things that would have been detected 5+ years ago by any competent organization.
for sure bro