MSBuild Abused for Beacon Cobalt Strike
Posted inSecurity

MSBuild Abused for Beacon Cobalt Strike

Researchers recently observed several malicious campaigns abusing Microsoft Build Engine (MSBuild) to execute a Cobalt Strike payload on compromised machines. MSBuild is a free and open-source build toolset for managed code…
Redline Stealer

Redline Stealer

Anomali Threat Research discovered a campaign in which threat actors used MSBuild a tool used for building apps and gives users an XML schema that controls how the build platform…