Cobalt Strike Attacks
Posted on November 20, 2020 by John Limb
In the past few weeks, we have seen a significant increase in malicious attacks by bad actors using Cobalt Strike. Cobalt Strike is a legitimate tool used to give penetration testers access to many different attack capabilities. The issue lies when this toolkit gets into the wrong hands. Predominantly we have been seeing Cobalt Strike deploy an agent named “Beacon” for post-exploitation. Deploying this successfully can lead to a Ryuk Ransomware attack.
Trickbot/Ryuk Healthcare Attacks
Posted on November 3, 2020 by John Limb
A new round of ransomware attacks targeting the healthcare industry is imposing a new strain on hospital networks already pushed to the breaking point by the COVID-19 pandemic. But security experts from Braintrace have recently developed a state-of-the-art network analysis tool called Dragonfly that can effectively fingerprint the virus families behind this latest round of attacks using encrypted payload analysis.