Cobalt Strike takedown effort cuts cracked versions by 80%
Fortra, Microsoft and Health-ISAC partnership reduced unauthorized copies of red team tool over the last two years.
Infosecurity Magazine24y
Number of Unauthorized Cobalt Strike Copies Plummets 80%
Efforts to tackle unauthorized, legacy copies of pen testing tool Cobalt Strike have gathered pace over the past two years, ...
Infosecurity Magazine24y
Attackers Target Japanese Firms with Cobalt Strike
Attackers are actively exploiting an RCE flaw in Windows PHP-CGI implementations to target Japanese firms, deploying Cobalt ...
Critical PHP RCE vulnerability mass exploited in new attacks
Threat intelligence company GreyNoise warns that a critical PHP remote code execution vulnerability that impacts Windows ...
The Hacker News7d
PHP-CGI RCE Flaw Exploited in Attacks on Japan's Tech, Telecom, and E-Commerce Sectors
Hackers exploit CVE-2024-4577 to breach Japanese firms, leveraging Cobalt Strike, PowerShell, and advanced persistence ...
Hosted on MSN22d
Ghost ransomware crew continues to haunt IT depts with scarily bad infosec
A likely next move will be to use Cobalt Strike functionality to steal process tokens belonging to SYSTEM users. If Ghost gets those tokens, they’ll use the elevated privileges they confer to ...
New ClickFix attack deploys Havoc C2 via Microsoft Sharepoint
A newly uncovered ClickFix phishing campaign is tricking victims into executing malicious PowerShell commands that deploy the ...
SecurityWeek4d
Critical PHP Vulnerability Under Mass Exploitation
GreyNoise warns of mass exploitation of critical vulnerability (CVE-2024-4577) in PHP leading to remote code execution on vulnerable servers.
Computing3y
Hackers distribute Cobalt Strike to unpatched MS-SQL server instances
Hackers are trying to deploy the Cobalt Strike adversary simulation tool on vulnerable internet-facing Microsoft SQL (MS SQL) server instances as part of a new campaign that aims to steal ...