November 17

Webinar takeaway: How to Cover C&C in the MITRE ATT&CK Matrix


My key takeaways

  • Modern threats are almost impossible to detect with signatures or heuristics
  • Command-and-control (C2) channels now commonly use ordinary encryption such as HTTPS, so content analysis is not an option either
  • Well-known, legitimate services such as Google Mail or O365 are abused as C2 channels
  • Even CDNs are used as C2 channels, and they cannot filter out beacons because of the sheer amount of traffic they carry
  • Monitoring network anomalies with tools like Passer or RITA may reveal C2 beacons
  • The MITRE ATT&CK framework contains techniques that can be used to test for data exfiltration
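The takeaways above say that neither signatures nor content inspection work once C2 rides over HTTPS to a legitimate service or a CDN, and that anomaly tools like Passer or RITA are what is left. The following added example (my own illustration, not code from the webinar, from Passer or from RITA) shows the core idea behind beacon hunting: use only connection metadata (timestamps, endpoints, byte counts), group connections per source/destination pair, and flag pairs whose inter-connection intervals and request sizes are suspiciously regular. The log lines, IP addresses and thresholds are all constructed for the example.

```python
"""Beacon hunting from connection metadata only (constructed example).

Because the payload is encrypted and the destination may be a trusted
service or CDN, the detector never looks at content or reputation. It
looks at *timing* and *size* regularity per (src, dst, port) pair, which
is the property that makes beacons stand out from human-driven traffic.
"""
from collections import defaultdict
from statistics import mean, pstdev

# Constructed Zeek-conn-style records (tab separated):
# ts  src_ip  dst_ip  dst_port  orig_bytes  resp_bytes
# 10.0.0.5 talks to 203.0.113.10 roughly every 60 s with a fixed request
# size (beacon-like); 10.0.0.7 browses 198.51.100.20 irregularly;
# 10.0.0.9 has only two connections, too few to judge.
SAMPLE_LOG = """\
1700000000\t10.0.0.5\t203.0.113.10\t443\t312\t1024
1700000061\t10.0.0.5\t203.0.113.10\t443\t312\t1024
1700000119\t10.0.0.5\t203.0.113.10\t443\t312\t1024
1700000180\t10.0.0.5\t203.0.113.10\t443\t312\t1024
1700000242\t10.0.0.5\t203.0.113.10\t443\t312\t1024
1700000299\t10.0.0.5\t203.0.113.10\t443\t312\t1024
1700000360\t10.0.0.5\t203.0.113.10\t443\t312\t1024
1700000421\t10.0.0.5\t203.0.113.10\t443\t312\t1024
1700000479\t10.0.0.5\t203.0.113.10\t443\t312\t1024
1700000540\t10.0.0.5\t203.0.113.10\t443\t312\t1024
1700000601\t10.0.0.5\t203.0.113.10\t443\t312\t1024
1700000659\t10.0.0.5\t203.0.113.10\t443\t312\t1024
1700000000\t10.0.0.7\t198.51.100.20\t443\t540\t48210
1700000005\t10.0.0.7\t198.51.100.20\t443\t1200\t2310
1700000130\t10.0.0.7\t198.51.100.20\t443\t88\t91000
1700000131\t10.0.0.7\t198.51.100.20\t443\t2300\t5120
1700000400\t10.0.0.7\t198.51.100.20\t443\t410\t770
1700001200\t10.0.0.7\t198.51.100.20\t443\t975\t33000
1700001205\t10.0.0.7\t198.51.100.20\t443\t60\t1300
1700003000\t10.0.0.7\t198.51.100.20\t443\t3100\t250
1700000000\t10.0.0.9\t192.0.2.30\t443\t300\t900
1700000300\t10.0.0.9\t192.0.2.30\t443\t300\t900
"""


def parse_conn_log(text):
    """Parse the tab-separated records into dicts; skip blanks and comments."""
    records = []
    for line in text.splitlines():
        if not line.strip() or line.startswith("#"):
            continue
        ts, src, dst, port, orig_bytes, resp_bytes = line.split("\t")
        records.append({"ts": float(ts), "src": src, "dst": dst,
                        "port": int(port), "orig_bytes": int(orig_bytes),
                        "resp_bytes": int(resp_bytes)})
    return records


def _cv(values):
    """Coefficient of variation: 0 means perfectly regular, larger means noisier."""
    avg = mean(values)
    return pstdev(values) / avg if avg > 0 else float("inf")


def pair_stats(records, min_connections=6):
    """Per (src, dst, port): connection count, mean gap, and regularity scores."""
    by_pair = defaultdict(list)
    for r in records:
        by_pair[(r["src"], r["dst"], r["port"])].append(r)
    stats = {}
    for pair, conns in by_pair.items():
        if len(conns) < min_connections:
            continue  # too few samples to say anything about regularity
        conns.sort(key=lambda r: r["ts"])
        gaps = [b["ts"] - a["ts"] for a, b in zip(conns, conns[1:])]
        sizes = [r["orig_bytes"] for r in conns]
        stats[pair] = {"count": len(conns), "mean_interval": mean(gaps),
                       "interval_cv": _cv(gaps), "size_cv": _cv(sizes)}
    return stats


def find_beacons(records, min_connections=6, max_interval_cv=0.2, max_size_cv=0.2):
    """Return pairs whose timing AND request size are both unusually regular."""
    return [(pair, s) for pair, s in pair_stats(records, min_connections).items()
            if s["interval_cv"] <= max_interval_cv and s["size_cv"] <= max_size_cv]


if __name__ == "__main__":
    for (src, dst, port), s in find_beacons(parse_conn_log(SAMPLE_LOG)):
        print(f"beacon-like: {src} -> {dst}:{port} every ~{s['mean_interval']:.0f}s "
              f"({s['count']} conns, interval_cv={s['interval_cv']:.3f}, "
              f"size_cv={s['size_cv']:.3f})")
```

The thresholds and the six-connection minimum are arbitrary starting points: a beacon that adds random sleep jitter pushes the interval CV up, so in practice you widen the observation window, score pairs rather than hard-filter them, and combine timing with other metadata such as total volume per destination and connection duration, which is roughly the direction tools like RITA take.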

Tags

C2, ransomware, threat hunting

