Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2022-03-04TelsyTelsy
Legitimate Sites Used As Cobalt Strike C2s Against Indian Government
Cobalt Strike
2022-02-22eSentireeSentire Threat Response Unit (TRU)
IcedID to Cobalt Strike In Under 20 Minutes
Cobalt Strike IcedID PhotoLoader
2022-02-22Bleeping ComputerBill Toulas
Vulnerable Microsoft SQL Servers targeted with Cobalt Strike
Cobalt Strike Kingminer Lemon Duck
2022-02-21ASEC
Cobalt Strike Being Distributed to Vulnerable MS-SQL Servers
Cobalt Strike Lemon Duck
2022-02-20Medium SOCFortressSOCFortress
Detecting Cobalt Strike Beacons
Cobalt Strike
2022-02-18Huntress LabsMatthew Brennan
Hackers No Hashing: Randomizing API Hashes to Evade Cobalt Strike Shellcode Detection
Cobalt Strike
2022-02-16Security OnionDoug Burks
Quick Malware Analysis: Emotet Epoch 5 and Cobalt Strike pcap from 2022-02-08
Cobalt Strike Emotet
2022-02-15eSentireeSentire Threat Response Unit (TRU)
Increase in Emotet Activity and Cobalt Strike Deployment
Cobalt Strike Emotet
2022-02-10CybereasonCybereason Global SOC Team
Threat Analysis Report: All Paths Lead to Cobalt Strike - IcedID, Emotet and QBot
Cobalt Strike Emotet IcedID QakBot
2022-01-24The DFIR ReportThe DFIR Report
Cobalt Strike, a Defender’s Guide – Part 2
Cobalt Strike
2022-01-19ElasticAndrew Pease, Daniel Stepanic, Derek Ditch, Seth Goodwin
Extracting Cobalt Strike Beacon Configurations
Cobalt Strike
2022-01-19ElasticAndrew Pease, Daniel Stepanic, Derek Ditch, Seth Goodwin
Collecting Cobalt Strike Beacons with the Elastic Stack
Cobalt Strike
2022-01-19SophosColin Cowie, Mat Gangwer, Sophos MTR Team, Stan Andic
Zloader Installs Remote Access Backdoors and Delivers Cobalt Strike
Cobalt Strike Zloader
2022-01-16forensicitguyTony Lambert
Analyzing a CACTUSTORCH HTA Leading to Cobalt Strike
CACTUSTORCH Cobalt Strike
2022-01-15Huntress LabsTeam Huntress
Threat Advisory: VMware Horizon Servers Actively Being Hit With Cobalt Strike (by DEV-0401)
Cobalt Strike
2022-01-11CybereasonChen Erlich, Daichi Shimabukuro, Niv Yona, Ofir Ozer, Omri Refaeli
Threat Analysis Report: DatopLoader Exploits ProxyShell to Deliver QBOT and Cobalt Strike
Cobalt Strike QakBot Squirrelwaffle
2022-01-09forensicitguyTony Lambert
Inspecting a PowerShell Cobalt Strike Beacon
Cobalt Strike
2021-12-29Blake's R&DBlake
Cobalt Strike DFIR: Listening to the Pipes
Cobalt Strike
2021-12-28Morphus LabsRenato Marinho
Attackers are abusing MSBuild to evade defenses and implant Cobalt Strike beacons
Cobalt Strike
2021-12-07Bleeping ComputerLawrence Abrams
Emotet now drops Cobalt Strike, fast forwards ransomware attacks
Cobalt Strike Emotet