Detecting and blocking the use of Cobalt Strike by adversaries has been the main course of action for security teams over the years; now they may also want to keep an…
The BlackCat ransomware group has deployed a new binary, Brute Ratel, a penetration testing suite with remote access, to help with its intrusion efforts. The analysis results showed that the…
Researchers recently observed several malicious campaigns abusing Microsoft Build Engine (MSBuild) to execute a Cobalt Strike payload on compromised machines. MSBuild is a free and open-source build toolset for managed code…
Researchers have disclosed details of an evasive malware campaign dubbed Blister that makes use of valid code signing certificates to sneak past security defenses and stay under the radar with…
Researchers detailed the activity of a sophisticated financially motivated threat actor called Karakurt. The activity of the group was first spotted in June 2021, but the group has been more…
Emotet now directly installs the Cobalt Strike Beacon, giving threat actors immediate network access and making ransomware attacks imminent. Ironically, Emotet is a malware that spreads by spam emails containing…
A new ransomware group called Sabbath (aka UNC2190) has been targeting critical infrastructure in the United States and Canada. The group is a rebrand of the Arcane and Eruption gangs, observed…
A new malware dubbed Squirrelwaffle has emerged, supporting actors with an initial foothold and a way to drop malware onto compromised systems and networks. It spreads via spam campaigns dropping Qakbot…