The China-aligned APT (advanced persistent threat) group known as ‘Bronze Starlight’ was seen targeting the Southeast Asian gambling industry with malware signed using a valid certificate...
The Cuba ransomware gang was observed in attacks targeting critical infrastructure organizations in the United States and IT firms in Latin America, using a combination of...
The Google Cloud Threat Intelligence team has open-sourced YARA Rules and a VirusTotal Collection of indicators of compromise (IOCs) to help defenders detect Cobalt Strike components...
A previously unknown Chinese APT (advanced persistent threat) hacking group dubbed ‘Earth Longzhi’ targets organizations in East Asia, Southeast Asia, and Ukraine. The threat actors have...
A new phishing campaign targets US and New Zealand job seekers with malicious documents installing Cobalt Strike beacons for remote access to victims’ devices. The attack...
The Brute Ratel post-exploitation toolkit has been cracked and is now being shared for free across Russian-speaking and English-speaking hacking communities. For those unfamiliar with Brute Ratel...
Someone is flooding Cobalt Strike servers operated by former members of the Conti ransomware gang with anti-Russian messages to disrupt their activity. The operators of Conti...
The Chinese Winnti hacking group, also known as ‘APT41’ or ‘Wicked Spider,’ targeted at least 80 organizations last year and successfully breached the networks of at...
Researchers have observed a new post-exploitation attack framework used in the wild, named Manjusaka, which can be deployed as an alternative to the widely abused Cobalt...
A threat actor associated with the LockBit 3.0 ransomware operation is abusing the Windows Defender command line tool to load Cobalt Strike beacons on compromised systems...
Recent Comments