Collaborate Disseminate
By Waqas
Elusive APT Group ‘Gelsemium’ Emerges in Rare Southeast Asian Attack, Unveils Unique Tactics. KEY FINDINGS Cybersecurity researchers at…
This is a post from HackRead.com Read the original post: Gelsemium APT Group Uses “… Continue reading Gelsemium APT Group Uses “Rare” Backdoor in Southeast Asian Attack
Over the past few years, there has been a massive proliferation of YARA signatures for Beacon. We know from conversations with our customers that this has become problematic when using Cobalt Strike for red team engagements and that there has been some confusion over how Cobalt Strike’s malleable C2 options can help. Therefore, this blog […]
Continue reading Cobalt Strike and YARA: Can I Have Your Signature?
By Deeba Ahmed
Cobalt Strike is a legitimate post-exploitation tool designed by Raphael Mudge of Fortra for adversary simulation but it has also been abused by cybercriminals.
This is a post from HackRead.com Read the original post: Microsoft and Fortr… Continue reading Microsoft and Fortra to Take Down Malicious Cobalt Strike Infrastructure
Microsoft, Fortra and Health-ISAC have taken legal and technical action to prevent the abuse of the Cobalt Strike exploitation tool and Microsoft software.
The post Technical, Legal Action Taken to Prevent Abuse of Cobalt Strike, Microsoft Software ap… Continue reading Technical, Legal Action Taken to Prevent Abuse of Cobalt Strike, Microsoft Software
The action against illicit versions of legitimate Cobalt Strike applications represents the culmination of a year-long investigation.
The post Microsoft leads effort to disrupt illicit use of Cobalt Strike, a dangerous hacking tool in the wrong hands appeared first on CyberScoop.
I blogged about the Cobalt Strike roadmap in March last year and while the fundamental tenets of our approach to R&D remain unaltered, a lot has changed behind the scenes over the past year or so. I try to engage with our customers on various platforms and over the past few months, I’ve been asked […]
Continue reading Cobalt Strike 2023 Roadmap and Strategy Update
This blog post accompanies a new addition to the Arsenal Kit – The User-Defined Reflective Loader Visual Studio (UDRL-VS). Over the past few months, we have received a lot of feedback from our users that whilst the flexibility of the UDRL is great, there is not enough information/example code to get the most out of […]
Continue reading Revisiting the User-Defined Reflective Loader Part 1: Simplifying Development
Cobalt Strike 4.8 is now available. This release sees support for system calls, options to specify payload guardrails, a new token store, and more. We had originally planned to get this release out late in 2022 but progress was stymied due to the 4.7.1 and 4.7.2 patch releases that we had to put out to […]
By Habiba Rashid
DNA Diagnostics Center (DDC), a US-based DNA testing service suffered a data breach in November 2021, in which…
This is a post from HackRead.com Read the original post: DNA testing service to pay $400k for data breach it ignored
Continue reading DNA testing service to pay $400k for data breach it ignored
This blog introduces a PoC technique for spoofing call stacks using timers. Prior to our implant sleeping, we can queue up timers to overwrite its call stack with a fake one and then restore the original before resuming execution. Hence, in the same way we can mask memory belonging to our implant during sleep, we […]
Continue reading Behind the Mask: Spoofing Call Stacks Dynamically with Timers