cobalt strike – Computer Security Articles

A week in security (July 1 – July 7)

July 8, 2024 admin Authy, cobalt strike, evil twin, news, prudential, taylor swift, twilio

A list of topics we covered in the week of July 1 to July 7 of 2024

The Not-So-Secret Network Access Broker x999xx

July 3, 2024 admin Breadcrumbs, cobalt strike, cobaltforce, constella intelligence, dashin2008@yahoo.com, Flashpoint, Intel 471, kirtsov@telecom.ozersk.ru, lockbit, maksim georgievich kirtsov, maksya@icloud.com, maxnmalias-1@yahoo.com, mikhail matveev, Ne'er-Do-Well News, operation endgame, osint.industries, ozersk technological institute national research nuclear university, Recorded Future, u.s. department of justice, wazawaka, x999xx, Кирцов Максим Георгиевич

Credit to Author: BrianKrebs| Date: Wed, 03 Jul 2024 16:41:34 +0000

Most accomplished cybercriminals go out of their way to separate their real names from their hacker handles. But among certain old-school Russian hackers it is not uncommon to find major players who have done little to prevent people from figuring out who they are in real life. A case study in this phenomenon is “x999xx,” the nickname chosen by a venerated Russian hacker who specializes in providing the initial network access to various ransomware groups.

Security Sophos

ConnectWise ScreenConnect attacks deliver malware

February 28, 2024 admin asyncrat, cobalt strike, cve-2024-1708, cve-2024-1709, Featured, ir, lockbit, mdr, ransomware, rust, ScreenConnect, sophos x-ops, threat research

Credit to Author: Andrew Brandt| Date: Fri, 23 Feb 2024 10:40:38 +0000

Multiple attacks exploit vulnerabilities in an IT remote access tool to deliver a variety of different payloads into business environments

MalwareBytes Security

Warning issued over increased activity of TrueBot malware

July 10, 2023 admin cl0p, cobalt strike, cve-2022-31199, flawedgrace, news, ransomware, raspberry robin, silence group, teleport, truebot

Categories: News

Categories: Ransomware

Tags: TrueBot

Tags: Cl0p

Tags: Silence Group

Tags: CVE-2022-31199

Tags: Raspberry Robin

Tags: FlawedGrace

Tags: Cobalt Strike

Tags: Teleport

CISA, the FBI, the MS-ISAC, and the CCCS have warned about increased activity of the TrueBot malware in the US and Canada.

Security Sophos

The Phantom Menace: Brute Ratel remains rare and targeted

May 18, 2023 admin brute ratel, cobalt strike, Featured, havok, Meterpreter, post-exploitation tools, sliver, sophos x-ops, threat research

Credit to Author: gallagherseanm| Date: Thu, 18 May 2023 11:00:58 +0000

The commercial attack tool’s use by bad actors has faded after an initial flurry, while Cobalt Strike remains the go-to post-exploitation tool for many.

MalwareBytes Security

Update now! GoAnywhere MFT zero-day patched

February 8, 2023 admin Brian Krebs, cobalt strike, code white, emergency patch 7.1.2, florian hauser, fortra, goanywhere mft, kevin beaumont, managed file transfer, news

Categories: News

Tags: GoAnywhere MFT

Tags: managed file transfer

Tags: Kevin Beaumont

Tags: Brian Krebs

Tags: emergency patch 7.1.2

Tags: Fortra

Tags: Cobalt Strike

Tags: Florian Hauser

Tags: Code White

A bug in GoAnywhere, a B2B management file transfer software, could lead to a serious supply chain attack if left unpatched. Update now!

(Read more…)

The post Update now! GoAnywhere MFT zero-day patched appeared first on Malwarebytes Labs.

MalwareBytes Security

Silence is golden partner for Truebot and Clop ransomware

December 13, 2022 admin clop ransomware, cobalt strike, fin11, grace, news, ransomware, Silence, ta505, teleport, truebot

Categories: News

Categories: Ransomware

Tags: Silence

Tags: TA505

Tags: Clop ransomware

Tags: Truebot

Tags: Grace

Tags: Cobalt Strike

Tags: Teleport

Tags: FIN11

Researchers have identified two new Truebot botnets that are using new versions of the Truebot downloader Trojan to infiltrate and explore a target’s network.

MalwareBytes Security

A week in security (July 11 – July 17)

July 18, 2022 admin a week in security, bandai namco, cobalt strike, elden ring, mangatoon, microsoft updates, predatory sparrow, pypi, ransomware, spyjoker, tonto team, WhatsApp

Credit to Author: Malwarebytes Labs| Date: Mon, 18 Jul 2022 10:22:29 +0000

The most important and interesting computer security stories from the last week.

The post A week in security (July 11 – July 17) appeared first on Malwarebytes Labs.

← Previous