Public and Private Medical Community Targeted by China-Nexus Threat Actor Pursuing Artificial Intelligence, Cyber, Medical, and National Defense Research | Google Cloud Blog
… T1071.001 Application Layer Protocol: Web Protocols HTTP response to C2 commands Detections YARA Rules rule G Backdoor INFINITERED 1 { meta: author = "Google Threat Intelligence Group GTIG " strings: $magic flag = "ej671a16i7fd8202nu6ltfg5p6x7u" $magic flag base64 = "ej671a16i7fd8202nu6ltfg5p6x7u" … …