Cyberveilleby Decio
Nuage de tags
Mur d'images
Quotidien
Flux RSS
  • Flux RSS
  • Daily Feed
  • Weekly Feed
  • Monthly Feed
Filtres

Liens par page

  • 20 links
  • 50 links
  • 100 links

Filtres

Untagged links
3 résultats taggé CobaltStrike  ✕
Manjusaka: A Chinese sibling of Sliver and Cobalt Strike https://blog.talosintelligence.com/2022/08/manjusaka-offensive-framework.html
03/08/2022 15:35:19
QRCode
archive.org
thumbnail
  • Cisco Talos recently discovered a new attack framework called "Manjusaka" being used in the wild that has the potential to become prevalent across the threat landscape. This framework is advertised as an imitation of the Cobalt Strike framework.
  • The implants for the new malware family are written in the Rust language for Windows and Linux.
  • A fully functional version of the command and control (C2), written in GoLang with a User Interface in Simplified Chinese, is freely available and can generate new implants with custom configurations with ease, increasing the likelihood of wider adoption of this framework by malicious actors.
  • We recently discovered a campaign in the wild using lure documents themed around COVID-19 and the Haixi Mongol and Tibetan Autonomous Prefecture, Qinghai Province. These maldocs ultimately led to the delivery of Cobalt Strike beacons on infected endpoints.
  • We have observed the same threat actor using the Cobalt Strike beacon and implants from the Manjusaka framework.
talosintelligence EN 2022 manjusaka CobaltStrike framework imitation C2
When Pentest Tools Go Brutal: Red-Teaming Tool Being Abused by Malicious Actors https://unit42.paloaltonetworks.com/brute-ratel-c4-tool/
07/07/2022 07:30:53
QRCode
archive.org

Unit 42 continuously hunts for new and unique malware samples that match known advanced persistent threat (APT) patterns and tactics. On May 19, one such sample was uploaded to VirusTotal, where it received a benign verdict from all 56 vendors that evaluated it. Beyond the obvious detection concerns, we believe this sample is also significant in terms of its malicious payload, command and control (C2), and packaging.

unit42 EN 2022 BruteRatelC4 CobaltStrike redteam APT BRc4 C2 malware
Telerik UI exploitation leads to cryptominer, Cobalt Strike infections https://news.sophos.com/en-us/2022/06/15/telerik-ui-exploitation-leads-to-cryptominer-cobalt-strike-infections/
17/06/2022 07:11:21
QRCode
archive.org
thumbnail

Attacker targets bugs in a popular web application graphical interface development tool.

sophos 2022 EN research POWERSHELL TELERIK XMRIG CVE-2017-11357 CVE-2019-18935 CVE-2017-11317 cobaltstrike cryptomaining
493 links
Shaarli - Le gestionnaire de marque-pages personnel, minimaliste, et sans base de données par la communauté Shaarli - Theme by kalvn - Curated by Decio