Cobalt Strike – Page 8 – WindowsTechs.com

Ryuk, Egregor Ransomware Attacks Leverage SystemBC Backdoor

Posted on December 16, 2020 by Lindsey O'Donnell

In the past few months researchers have detected hundreds of attempted SystemBC deployments globally, as part of recent Ryuk and Egregor ransomware attacks. Continue reading Ryuk, Egregor Ransomware Attacks Leverage SystemBC Backdoor→

Microsoft Teams Users Under Attack in ‘FakeUpdates’ Malware Campaign

Posted on November 10, 2020 by Elizabeth Montalbano

Microsoft warns that cybercriminals are using Cobalt Strike to infect entire networks beyond the infection point, according to a report. Continue reading Microsoft Teams Users Under Attack in ‘FakeUpdates’ Malware Campaign→

Cobalt Strike 4.2 – Everything but the kitchen sink

Posted on November 6, 2020 by rsmudge

Cobalt Strike 4.2 is now available. This release overhauls our user exploitation features, adds more memory flexibility options to Beacon, adds more behavior flexibility to our post-exploitation features, and makes some nice changes to Malleable C2 too. User Exploitation Redux Cobalt Strike’s screenshot tool and keystroke logger are examples of user exploitation tools. These capabilities […] Continue reading Cobalt Strike 4.2 – Everything but the kitchen sink→

Ryuk Ransomware Gang Uses Zerologon Bug for Lightning-Fast Attack

Posted on October 19, 2020 by Tara Seals

Researchers said the group was able to move from initial phish to full domain-wide encryption in just five hours. Continue reading Ryuk Ransomware Gang Uses Zerologon Bug for Lightning-Fast Attack→

OldGremlin Ransomware Group Bedevils Russian Orgs

Posted on September 23, 2020 by Lindsey O'Donnell

The cybercriminal group has plagued firms with ransomware, sent via spear phishing emails with COVID-19 lures, since March. Continue reading OldGremlin Ransomware Group Bedevils Russian Orgs→

Fileless Malware Tops Critical Endpoint Threats for 1H 2020

Posted on September 21, 2020 by Tara Seals

When it comes to endpoint security, a handful of threats make up the bulk of the most serious attack tools and tactics. Continue reading Fileless Malware Tops Critical Endpoint Threats for 1H 2020→

Feds Warn Nation-State Hackers are Actively Exploiting Unpatched Microsoft Exchange, F5, VPN Bugs

Posted on September 14, 2020 by Lindsey O'Donnell

Monday’s CISA advisory is a staunch reminder for federal government and private sector entities to apply patches for flaws in F5 BIG-IP devices, Citrix VPNs, Pulse Secure VPNs and Microsoft Exchange servers. Continue reading Feds Warn Nation-State Hackers are Actively Exploiting Unpatched Microsoft Exchange, F5, VPN Bugs→

Cobalt Strike: The New Favorite Among Thieves

Posted on September 2, 2020 by Virginia Satrom

By Chris Gerritz Since 2012, Cobalt Strike has been utilized as a proactive way of testing network defenses against advanced threat actor tools, tactics, and procedures (TTPs). The aim, of course, is to mimic the most malicious threat actors and their … Continue reading Cobalt Strike: The New Favorite Among Thieves→

Cobalt Strike 4.1 – The Mark of Injection

Posted on June 25, 2020 by rsmudge

Cobalt Strike 4.1 is now available. This release introduces a new way to build post-ex tools that work with Beacon, pushes back on a generic shellcode detection strategy, and grants added protocol flexibility to the TCP and named pipe Beacons. Beacon Object Files Cobalt Strike has weaponization options for PowerShell, .NET, and Reflective DLLs. These […] Continue reading Cobalt Strike 4.1 – The Mark of Injection→

Sodinokibi Ransomware Now Scans Networks For PoS Systems

Posted on June 23, 2020 by Lindsey O'Donnell

Attackers are compromising large companies with the Cobalt Strike malware, and then deploying the Sodinokibi ransomware. Continue reading Sodinokibi Ransomware Now Scans Networks For PoS Systems→