The article here is titled "Hackers now use AppDomain Injection to drop CobaltStrike beacons," which was quite interesting.
This technique has been around since 2017, so before TSB's existence.
So far, it seems like the attacks have occurred outside the United States, but it would not surprise me if this eventually changed at some point in the future.
AppDomain injections also use DLL files, similar to side-loading, says the article.
I believe that these domain attacks don’t actually use domains on the internet, but use domain tools within the PC itself.
There is plenty here; read the entire article for complete details.