Displaying items by tag: Cobalt Strike

COMPANY NEWS: Secureworks, a global leader in cybersecurity has discovered Bumblebee malware being spread through malicious online ads, like Google ads. Bumblebee, initially discovered in March 2022, has traditionally, although not exclusively, been distributed via phishing attacks to deliver ransomware. This new finding fits with a general increase Secureworks has seen in attacks involving trojanised software distributed via malicious Google Ads or SEO poisoning.

European security firm MDSec has taken exception to the release of a blog post by another security outfit, Proofpoint, about its penetration testing framework Nighthawk, accusing the latter of making "unsubstantiated and speculative projections" about the framework.

Old sometimes is not gold, especially when it comes to ancient versions of ColdFusion running on versions of Windows that have reached their end-of-life, as the global security firm Sophos has demonstrated through its research into a server that was taken over by unknown actors using the Cring ransomware.

Researchers from security firm Intezer Labs have found a re-implementation of the Cobalt Strike beacon, written from scratch, which works on both Windows and Linux systems.

The source code for the well-known penetration testing tool Cobalt Strike appears to have been leaked on GitHub and immediately forked to at least 20 other accounts.

Windows ransomware known as LockBit, which made its presence known in 2019, has now matured and is using novel ways to escalate privileges by bypassing the User Account Control feature on Windows systems.

Global security firm Sophos has questioned the connection drawn between ransomware attacks facilitated by the Trickbot botnet and threats to election security, with a senior researcher saying gangs did not generally target local governments specifically for political effect.

A malware campaign that uses military-themed malicious Microsoft Office documents to spread a remote access trojan has been observed by Cisco's Talos Intelligence Group, with the group adding that the RAT was spread using customised Cobalt Strike beacons.