New Cobalt Strike DoS Vulnerabilities Allow Takedown of Attackers’ Servers

25
New Cobalt Strike DoS Vulnerabilities Allow Takedown of Attackers’ Servers

Security researchers recently discovered Cobalt Strike DoS (denial of service ) flaws that enable blocking beacon command-and-control (C2) communication channels and new deployments.

SentinelOne’s threat research team SentinelLabs found the DoS flaws tracked as CVE-2021-36798 and dubbed as Hotcobalt in the latest versions of Cobalt Strike’s server.

Fake beacons can be registered with the server of a specific Cobalt Strike installation, as they discovered. Sending bogus jobs to the server can cause it to crash by exhausting available memory.

According to SentinelLabs, “This lets malicious actor cause memory exhaustion on the machine the Cobalt’s server (the ‘Teamserver’) runs on, which makes the server unresponsive until it’s restarted.”

To Read More: bleepingcomputer

For more such updates follow us on Google News ITsecuritywire News