cobalt strike (2)

10750232862?profile=RESIZE_400xChinese developers have created a new command-and-control (C2) framework with features and functionality similar to Cobalt Strike and Sliver. The new framework is called Manjusaka.

Cisco Talos researchers have discovered the C2 framework in the wild running in parallel with Cobalt strike.  The initial investigation began with a Cisco Talos response to a Cobalt Strike beacon detection that was installed from a malicious Microsoft Word Document.  The document was sent in an email as an attachment

7969666096?profile=RESIZE_400xIn a recent study by CrowdStrike regarding cyber threat activity show more intrusion attempts in the first six months of this year than in all of 2019.  The pandemic-related shift to remote work and the growing availability of Ransomware-as-a-Service (RaaS) were two major drivers.  Red Sky Alliance has reported on many of these ransomware groups and actors in detail in 2020.  These reports can be found at no charge at https://redskyalliance.org.

The security vendor's threat-hunting team blocked