To help identify Cobalt Strike and stop its malicious use, Google has released YARA rules and a VirusTotal Collection.
Cobalt Strike, a red teaming tool introduced in 2012, is a collection of tools that can mimic real cyber threats, packaged in a JAR file. It uses a server/client architecture that gives the attacker control over infected systems from a single interface. Threat actors now use Cobalt Strike’s point-and-click capabilities to deploy remote access tools on targeted systems, from which they can then move laterally through victim environments.
A cracked version of the tool has been available for years, even though the vendor has a system in place to keep it from being sold to malicious organizations.