Robuta

https://thehackernews.com/2023/10/chinese-hackers-target-semiconductor.html?m=0
Semiconductor companies in East Asia are under attack. Threat actors posing as TSMC deploy Cobalt Strike beacons via HyperBro backdoor
https://www.avg.com/en/signal/cobalt-strike-ransomware
What is a Cobalt Strike ransomware attack and how can it be prevented? Learn how it’s used and how to identify it.
https://www.sophos.com/es-es/blog/tag/cobalt-strike
https://www.cobaltstrike.com/tech-notes
The Cobalt Strike Technical Notes Mailing List is our way to announce product updates. If you use Cobalt Strike, we recommend that you join.
https://www.sophos.com/en-us/blog/telerik-ui-exploitation-leads-to-cryptominer-cobalt-strike-infections?cmp=701j0000001YAKMAA4&utm_campaign=BlogFrance&utm_campaign=BlogFrance%3Fcmp%3D701j0000001YAKMAA4&utm_medium=BlogLink&utm_medium=BlogLink&utm_source=SophosFrance&utm_source=SophosFrance
Attacker targets bugs in a popular web application graphical interface development tool
https://www.sophos.com/de-de/blog/tag/cobalt-strike
https://thehackernews.com/2022/09/new-malware-campaign-targeting-job.html
In an ongoing malware campaign baiting with fake job offers, attackers are exploiting a known vulnerability in Microsoft Office to install Cobalt Stri
https://www.sentinelone.com/labs/lockbit-ransomware-side-loads-cobalt-strike-beacon-with-legitimate-vmware-utility/
Long-running LockBit ransomware attempts to evade Windows ETW, AMSI and EDR by leveraging legitimate VMware logging command line utility.
https://blog.nviso.eu/2021/11/03/cobalt-strike-using-process-memory-to-decrypt-traffic-part-3/
We decrypt Cobalt Strike traffic with cryptographic keys extracted from process memory. This series of blog posts describes different methods to decrypt Cobalt...
https://blog.nviso.eu/2021/10/27/cobalt-strike-using-known-private-keys-to-decrypt-traffic-part-2/
We decrypt Cobalt Strike traffic using one of 6 private keys we found. In this blog post, we will analyze a Cobalt Strike infection by looking at a full packet...
https://blog.127-0-0-1.fr/tags/cobalt-strike/
https://www.sophos.com/en-gb/blog/detecting-cobalt-strike-government-sponsored-threat-groups
TIN WOODLAWN used a customized version of Cobalt Strike to evade configuration-based detections, but a combination of strategic and tactical countermeasures...