Palo Alto Networks

command and control

From The Hunter Diaries - Detecting C2 Servers

Command and Control servers, also known as C2 servers, are operated by threat actors and used to maintain communications with compromised systems within a target network. With the recent rise in double extortion ransomware campaigns, attackers are also sending exfiltrated data to C2 servers.

Needless to say, one of our most important tasks as threat hunters is to identify potential C2 servers that are being communicated with from within a corpor...

May 20, 2021
