Fortra, Microsoft, and Health-ISAC Curb Cobalt Strike Misuse by 80%
A collaborative effort by Fortra, Microsoft, and Health-ISAC has significantly curbed the misuse of Cobalt Strike, a legitimate pen testing tool, by cybercriminals. Over the two-year campaign, unauthorized use of the tool has fallen by 80%.
The campaign, supported by the Cyber Threat Alliance, has been instrumental in combating the abuse of Cobalt Strike. Fortra, the tool's developer, has seized over 200 malicious domains and sinkholed them to prevent further exploitation. Operation Morpheus, led by the UK's National Crime Agency, has flagged 690 IP addresses and taken down 593 to disable unauthorized versions of the tool.
The average time between initial detection and takedown of unauthorized Cobalt Strike use has been drastically reduced. In the US, this period is now under a week, and globally, it's less than a fortnight. Fortra continues to send takedown notices to hosting providers to raise awareness and protect legitimate users.
The successful campaign against Cobalt Strike abuse demonstrates the power of collaboration between tech companies, law enforcement, and cybersecurity alliances. With continued efforts, the misuse of legitimate tools for malicious purposes can be effectively mitigated.