Cobalt Strike Attacks

Posted on November 20, 2020 by John Limb

In the past few weeks, we have seen a significant increase in malicious attacks by bad actors using Cobalt Strike. Cobalt Strike is a legitimate tool used to give penetration testers access to many different attack capabilities. The issue lies when this toolkit gets into the wrong hands. Predominantly we have been seeing Cobalt Strike deploy an agent named “Beacon” for post-exploitation. Deploying this successfully can lead to a Ryuk Ransomware attack.

Read More

Trickbot/Ryuk Healthcare Attacks

Posted on November 3, 2020 by John Limb

A new round of ransomware attacks targeting the healthcare industry is imposing a new strain on hospital networks already pushed to the breaking point by the COVID-19 pandemic.  But security experts from Braintrace have recently developed a state-of-the-art network analysis tool called Dragonfly that can effectively fingerprint the  virus families behind this latest round of attacks using encrypted payload analysis.

Read More

All content Copyright © 2024 PinHawk LLC. All Rights Reserved.