• Menu
  • Skip to main content
  • Skip to primary sidebar

The Cyber Security News

Latest Cyber Security News

Header Right

  • Latest News
  • Vulnerabilities
  • Cloud Services
microsoft takes legal action to disrupt cybercriminals' illegal use of

Microsoft Takes Legal Action to Disrupt Cybercriminals’ Illegal Use of Cobalt Strike Tool

You are here: Home / General Cyber Security News / Microsoft Takes Legal Action to Disrupt Cybercriminals’ Illegal Use of Cobalt Strike Tool
April 7, 2023

Microsoft reported it teamed up with Fortra and Wellbeing Facts Sharing and Investigation Middle (Health-ISAC) to deal with the abuse of Cobalt Strike by cybercriminals to distribute malware, including ransomware.

To that conclude, the tech giant’s Electronic Crimes Unit (DCU) exposed that it secured a courtroom order in the U.S. to “take away illegal, legacy copies of Cobalt Strike so they can no lengthier be employed by cybercriminals.”

While Cobalt Strike, developed and maintained by Fortra (formerly HelpSystems), is a authentic post-exploitation software made use of for adversary simulation, illegal cracked variations of the software package have been weaponized by danger actors about the several years.

✔ Approved Seller From Our Partners
Mullvad VPN Discount

Protect your privacy by Mullvad VPN. Mullvad VPN is one of the famous brands in the security and privacy world. With Mullvad VPN you will not even be asked for your email address. No log policy, no data from you will be saved. Get your license key now from the official distributor of Mullvad with discount: SerialCart® (Limited Offer).

➤ Get Mullvad VPN with 12% Discount


Ransomware actors, in unique, have leveraged Cobalt Strike soon after obtaining initial entry to a focus on environment to escalate privileges, lateral go across the network, and deploy file-encrypting malware.

Cobalt Strike
Cobalt Strike

“The ransomware families involved with or deployed by cracked copies of Cobalt Strike have been joined to much more than 68 ransomware attacks impacting healthcare corporations in a lot more than 19 nations all over the planet,” Amy Hogan-Burney, standard manager of DCU, said.

By disrupting the use of legacy copies of Cobalt Strike and compromised Microsoft application, the aim is to hinder the attacks and pressure the adversaries to rethink their ways, the corporation added.

Impending WEBINARLearn to Protected the Identity Perimeter – Verified Techniques

Improve your business enterprise security with our forthcoming professional-led cybersecurity webinar: Check out Identification Perimeter approaches!

You should not Pass up Out – Save Your Seat!

Redmond additional famous the misuse of Cobalt Strike by country-point out groups whose functions align with that of Russia, China, Vietnam, and Iran, introducing it detected malicious infrastructure hosting Cobalt Strike throughout the world, counting China, the U.S., and Russia.

The legal crackdown will come months following Google Cloud recognized 34 unique hacked release versions of the Cobalt Strike device in the wild in an try to “make it more difficult for lousy fellas to abuse.”

Identified this posting appealing? Comply with us on Twitter  and LinkedIn to read far more exceptional content we write-up.


Some parts of this posting are sourced from:
thehackernews.com

Previous Post: «are source code leaks the new threat software vendors should Are Source Code Leaks the New Threat Software vendors Should Care About?
Next Post: What is the Network and Information Security 2 (NIS2) Directive? what is the network and information security 2 (nis2) directive?»

Reader Interactions

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Primary Sidebar

Report This Article

Recent Posts

  • Over 269,000 Websites Infected with JSFireTruck JavaScript Malware in One Month
  • Ransomware Gangs Exploit Unpatched SimpleHelp Flaws to Target Victims with Double Extortion
  • CTEM is the New SOC: Shifting from Monitoring Alerts to Measuring Risk
  • Apple Zero-Click Flaw in Messages Exploited to Spy on Journalists Using Paragon Spyware
  • WordPress Sites Turned Weapon: How VexTrio and Affiliates Run a Global Scam Network
  • New TokenBreak Attack Bypasses AI Moderation with Single-Character Text Changes
  • AI Agents Run on Secret Accounts — Learn How to Secure Them in This Webinar
  • Zero-Click AI Vulnerability Exposes Microsoft 365 Copilot Data Without User Interaction
  • Non-Human Identities: How to Address the Expanding Security Risk
  • ConnectWise to Rotate ScreenConnect Code Signing Certificates Due to Security Risks

Copyright © TheCyberSecurity.News, All Rights Reserved.