The Google Cloud team has built a collection of #YARA signatures to detect older versions of #CobaltStrike that are commonly cracked and used by malicious threat actors.
#ThreatHunting #DFIR #threatdetection

https://cloud.google.com/blog/products/identity-security/making-cobalt-strike-harder-for-threat-actors-to-abuse

Making Cobalt Strike harder for threat actors to abuse | Google Cloud Blog

A new initiative from Google Cloud and Cobalt Strike’s vendor has made it easier to find and block cracked versions of the popular red team software.
