PP104: How SocGholish Picks Locks to Let In Ransomware

In the cybercrime industry, initial access brokers specialize in break-ins. They pick digital locks and slide open electronic windows, and then sell that access to other threat actors who specialize in ransomware, exfiltration, and other crimes. SocGholish is a widely used tool in the access broker toolkit. Typically disguised as a legitimate software update, SocGholish... Read more »