Tag
critical
threat
Warlock Group Deploys Web Shells, Tunnels, and Ransomware
2 rules 4 TTPsThe Warlock group utilizes web shells and tunneling to deploy ransomware within compromised environments, impacting victim data confidentiality and availability.
Warlock
webshell
ransomware
tunneling
2r
4t
medium
advisory
Potential Protocol Tunneling via Yuze
2 rules 3 TTPsThis alert detects potential protocol tunneling activity via the execution of Yuze, a lightweight open-source tunneling tool often used by threat actors for intranet penetration via forward and reverse SOCKS5 proxy tunneling.
Defender XDR +2
command-and-control
tunneling
yuze
proxy
2r
3t