2022 Unit 42’s Brute Ratel C4 Research – Jen Miller-Osborn, Palo Alto Networks

August 22, 2022

Jen Miller-Osborn, Deputy Director of Threat Intelligence, Unit 42 at Palo Alto Networks, joins Alan Shimel to discuss a Unit 42 blog post from July about Brute Ratel C4, a penetration testing and adversary emulation framework. The tool is similar to Cobalt Strike, a common pentesting framework that is known to be leveraged by ransomware and APT actors (e.g., SolarWinds). Brute Ratel C4 is specifically engineered to evade modern endpoint detection and response (EDR) and antivirus (AV) capabilities. The Unit 42 research is significant because it identifies a capability that is largely undetectable by most cybersecurity vendors, has a growing user base, and is now being adopted for malicious purposes by APTs. Unit 42 has shared its findings widely with government and industry partners around the globe, providing technical indicators that will help organizations identify activity from this tool. Unit 42 has also encouraged security vendors to create protections to detect related activity.

