Cobalt Strike Archives • Page 2 of 3 • Daily CyberSecurity

Intrinsec Links Eye Pyramid C2 to Ransomware Networks in New Infrastructure Mapping Report Eye Pyramid, Ransomware Infrastructure

Intrinsec Links Eye Pyramid C2 to Ransomware Networks in New Infrastructure Mapping Report

Do Son May 2, 2025

In a comprehensive new report, cybersecurity firm Intrinsec has detailed how infrastructure used by RansomHub and the...

Sophisticated Attacks Employ Cobalt Strike, DLL Sideloading, and Evolving Tactics

Do Son May 1, 2025

In a sophisticated campaign that spanned multiple regions and techniques, Sophos researchers uncovered a cluster of targeted...

Operation HollowQuill Unveiled: Weaponized Documents Infiltrate Russia’s Defense Sector

Do Son April 4, 2025

A recent report by SEQRITE Labs APT-Team has shed light on a sophisticated campaign, dubbed Operation HollowQuill,...

Fake Zoom, Real Ransom: Nine-Day Malware Intrusion Ends with BlackSuit Ransomware Blast INC Ransom Pacific Cyber Threats OysterLoader Malware Rhysida Ransomware Black Basta Ransomware BYOVD Technique Velociraptor Abuse, Storm-2603 Ransomware Crypto24, Ransomware Ransomware Payments, UK Legislation ZACROS data breach

INC Ransom Pacific Cyber Threats OysterLoader Malware Rhysida Ransomware Black Basta Ransomware BYOVD Technique Velociraptor Abuse, Storm-2603 Ransomware Crypto24, Ransomware Ransomware Payments, UK Legislation ZACROS data breach

Fake Zoom, Real Ransom: Nine-Day Malware Intrusion Ends with BlackSuit Ransomware Blast

Do Son March 31, 2025

In a meticulously orchestrated cyberattack, a threat actor leveraged a malicious Zoom download to infiltrate a corporate...

RansomHub Deploys Custom Backdoor ‘Betruger’ in Targeted Ransomware Attacks RansomHub ransomware gang - Betruger backdoor

RansomHub Deploys Custom Backdoor ‘Betruger’ in Targeted Ransomware Attacks

Do Son March 22, 2025

A new report from Symantec Threat Hunter Team reveals that at least one affiliate of the RansomHub...

Rust Beacon Deploys Cobalt Strike in South Korean Cyber Intrusion Campaign

Do Son March 20, 2025

Hunt researchers have uncovered a cyber intrusion campaign targeting South Korean organizations, utilizing a sophisticated combination of...

Cybercriminals Lose: 80% Fewer Unauthorized Cobalt Strikes GoffLoader - Unauthorized Cobalt Strikes

Cybercriminals Lose: 80% Fewer Unauthorized Cobalt Strikes

Do Son March 10, 2025

A collaborative effort led by Microsoft’s Digital Crimes Unit (DCU), Fortra, and the Health Information Sharing and...

Stealthy Attacks Exploiting PHP-CGI Vulnerability Target Japanese Organizations

Do Son March 9, 2025

A sophisticated cyberattack campaign targeting organizations across multiple industries in Japan has been uncovered by Cisco Talos....

Weaponized Excel Documents: Ghostwriter’s New Tool of Cyber Espionage Ghostwriter campaign

Weaponized Excel Documents: Ghostwriter’s New Tool of Cyber Espionage

Do Son February 26, 2025

A new Ghostwriter campaign has been uncovered by SentinelLABS, targeting Ukrainian military, government entities, and Belarusian opposition...

CL-STA-0048: Chinese-Linked APT Targets Telecoms in South Asia DPRK IT Workers, APT38 Crypto Forfeiture

CL-STA-0048: Chinese-Linked APT Targets Telecoms in South Asia

Do Son February 3, 2025

A newly identified cyberespionage campaign, tracked as CL-STA-0048, has been uncovered by Unit 42 researchers targeting high-value...

Cyberattackers Unleash LockBit Ransomware Using Cobalt Strike and Proxy Tools LockBit Ransomware Cobalt Strike

Cyberattackers Unleash LockBit Ransomware Using Cobalt Strike and Proxy Tools

Do Son January 28, 2025

A recent investigation by The DFIR Report unveiled a sophisticated ransomware operation leveraging Cobalt Strike beacons and...

Operation (Giỗ Tổ Hùng Vương) Hurricane: New OceanLotus Group Revealed in Espionage Campaigns CVE-2024-36072 Water Gamayun, MSC EvilTwin

Operation (Giỗ Tổ Hùng Vương) Hurricane: New OceanLotus Group Revealed in Espionage Campaigns

Do Son January 22, 2025

A recent report from Qianxin details the sophisticated cyber-espionage tactics employed by the New OceanLotus group. Active...

Unmasking Play Ransomware: Tactics, Techniques, and Mitigation Strategies Play Ransomware Tactics

Unmasking Play Ransomware: Tactics, Techniques, and Mitigation Strategies

Do Son January 9, 2025

Play ransomware, also known as Balloonfly or PlayCrypt, has emerged as a significant cyber threat since its...

Earth Kasha Expands Operations: New LODEINFO Malware Hits Government and High-Tech Earth Kasha - LODEINFO

Earth Kasha Expands Operations: New LODEINFO Malware Hits Government and High-Tech

Do Son November 20, 2024

In a detailed report by Trend Micro, the emergence of a new LODEINFO malware campaign has been...

TAG-112 Targets Tibetan Community via Waterholing Attack TAG-112 threat actor

TAG-112 Targets Tibetan Community via Waterholing Attack

Do Son November 14, 2024

In a recent report by the Insikt Group, cybersecurity analysts reveal how the China-nexus threat actor TAG-112...

Earth Estries’ Evolving Toolkit: A Deep Dive into Their Advanced Techniques BlueNoroff macOS Attack GhostCall Campaign Carding Underground Bulletproof Hosting DPRK Contagious Interview, npm Flood Stonefly group -HiatusRAT Actors

BlueNoroff macOS Attack GhostCall Campaign Carding Underground Bulletproof Hosting DPRK Contagious Interview, npm Flood Stonefly group -HiatusRAT Actors

Earth Estries’ Evolving Toolkit: A Deep Dive into Their Advanced Techniques

Do Son November 11, 2024

Trend Micro has uncovered details about a sophisticated cyberespionage campaign from Earth Estries, also known as Salt...

Cyber-Espionage Campaign Unveiled: Operation Cobalt Whisper Hits Sensitive Industries

Do Son October 27, 2024

Quick Heal’s SEQRITE Labs has recently uncovered a significant cyber-espionage campaign dubbed Operation Cobalt Whisper, targeting sensitive...

New WarmCookie/BadSpace Malware Targets Organizations Espionage Group Daggerfly

New WarmCookie/BadSpace Malware Targets Organizations

Do Son October 23, 2024

Cisco Talos researchers uncovered a new and highly adaptive malware family, WarmCookie, also referred to as BadSpace....

Goffloader: In-Memory Execution, No Disk Required GoffLoader - Unauthorized Cobalt Strikes

Goffloader: In-Memory Execution, No Disk Required

Do Son September 4, 2024

The security company Praetorian has released GoffLoader, a tool designed to simplify the execution of BOF files...

Cyber Espionage Campaign Leverages Novel Tactics and “Voldemort” Malware to Target Global Organizations

Do Son September 1, 2024

Proofpoint researchers have unearthed a suspected espionage campaign distributing custom malware dubbed “Voldemort.” This operation, impacting over...

Critical Alert 1 Active Exploit Detected Today