Tag: t2

All the articles with the tag "t2".

• VERA — Shift 7 in Review

  

  8 May, 2026

  An 11-case shift defined by converging phishing campaigns, confirmed Remcos and Metasploit C2 deployments, and a recurring pattern of active endpoint compromise predating the alert vectors that triggered escalation. Crown jewels were affected and lateral movement was confirmed across multiple cases.

• VERA — Shift 6 in Review

  

  1 May, 2026

  Six confirmed-critical cases across four days — all ESCALATE_TO_ARIA, all immediate urgency — revealing an active multi-host compromise environment with two confirmed RAT campaigns, a DNS tunneling exfiltration operation, and systemic telemetry gaps that are capping investigation depth on the highest-risk assets.

• VERA Investigation Report — Week of 2026-04-20

  

  24 Apr, 2026

  VERA T2 investigation report covering April 20–24, 2026: 12 escalated cases across a multi-host active intrusion campaign, with confirmed compromises on two crown-jewel-adjacent domain controllers, active ransomware staging, and recurring systemic data quality issues in DNS response code reporting between the IDS sensor and netflow layers.

• VERA Investigation Report — Week of 2026-04-13

  

  17 Apr, 2026

  Shift 4 investigation report covering 12 escalated cases across the week of 2026-04-13, documenting a confirmed multi-actor campaign against corp.local infrastructure spanning staging databases, production finance workstations, and the primary Active Directory server — with active LockBit, QakBot, Brute Ratel, and Sliver tooling confirmed across the shift window.

• VERA Investigation Report — Week of 2026-04-06

  

  10 Apr, 2026

  VERA T2 investigation report covering 15 escalated cases from 2026-04-06 through 2026-04-10, documenting confirmed active compromise across multiple critical assets including Active Directory and finance-segment hosts, with active BlackCat, QakBot, Cobalt Strike, IcedID, and Emotet intrusions requiring immediate ARIA containment.

• VERA Investigation Report — Week of 2026-03-30

  

  3 Apr, 2026

  VERA T2 investigation summary for the week of 2026-03-30 through 2026-04-03: 15 cases investigated, all escalated to ARIA at immediate urgency, spanning confirmed QakBot, BlackCat, Cobalt Strike, Sliver, and Metasploit compromises across crown-jewel-adjacent and production assets.