 |
| |
| What is Raspberry Robin? |
| |
| For nearly a year, Red Canary has been tracking a worm spread by external drives that leverages Windows Installer to reach out to QNAP-associated domains and download a malicious DLL. |
|
|
|
 |
| |
| How can I test my detection coverage? |
| |
| Watch Red Canary's Paul Michaud walk through four Atomic Red Team tests that will help you emulate behaviors associated with Raspberry Robin. Are you able to observe, detect, or prevent infection? |
|
|
|
|
| ATOMIC TESTS FOR RASPBERRY ROBIN |
| |
|
|
| |
|
|
Top contributors
- danf42
- MHaggis4
- Leomon5
- tccontre
- tr4cefl0w
|
|
New contributors
- it-native
- TaintedHorizon
- masonharrell
- moullos
- alireza-ebrahimi
- felipebueno
- burning-pm
- mrrothe
- arames13
|
|
| MORE FROM ATOMIC RED TEAM |
| |
|
|
| |
|
|
| NEW TEST: Python pty module spawning sh or bash |
| |
| First-time contributor ruyek-git created a test that emulates malicious use of the Python pty module observed by Volexity, as part of their investigation into widespread exploitation of CVE-2022-26134, an unauthenticated remote code execution vulnerability in Atlassian Confluence. |
|
|
|
| New integration with VECTR |
| |
| You can now import Atomic Red Team execution logs into VECTR, a free purple team reporting tool. Atomic Red Team maintainer Carrie Roberts shows you how in a new video from our friends at Antisyphon Training. |
|
|
|
|
| |
| Work with us! |
| |
| Red Canary is looking for a developer advocate to focus on Atomic Red Team. Join us and work alongside the Atomic community to address cybersecurity challenges through open source tools and education. |
| |
| |
JOB POSTING  |
|
| |
|
| |
|
|
|
