in the DNC Hack



Why the focus on C2?

• The attackers either have to purchase or

compromise C2

• If purchased, there may be links we can follow

– Registration email

– Where is the domain parked

• If compromised, there may be something

common in the targets that suggests a particular


– Perhaps all compromised domains are running

Drupal or Wordpress

(C) 2016 Rendition Infosec - Jake Williams

More magazines by this user
Similar magazines