Fortra Cobalt Strike Demo Session – May 2025

Join a technical walkthrough of Cobalt Strike’s advanced capabilities for post-exploitation and adversary simulation. In the session, Cobalt Strike developers and researchers will demonstrate usage of the product and show the advanced evasion and customization of Cobalt Strike through hands-on demos. The session will be presented by Cobalt Strike product team members Pieter Ceelen and […]


Red Team Use Case: Government Agency

Background A government agency responsible for critical public services commissions a Red Team engagement to assess its cybersecurity resilience. The exercise simulates an advanced persistent threat (APT) attack, testing the agency’s ability to detect, respond to, and mitigate cyber threats targeting sensitive government data, public infrastructure, and national security. Phase 1: Initial Access Operations The […]


Red Team Use Case: Financial Institution

Background A large financial institution conducts an assumed breach exercise to test its cybersecurity resilience. The Red Team is tasked with simulating an advanced persistent threat (APT) attack, while the Blue Team monitors, detects, and mitigates threats in real-time. Phase 1: Initial Access Operations The Red Team conducts reconnaissance on the Financial Institution’s employees using […]


Red Team Use Case: Healthcare

Background A regional hospital network conducts a Red Team engagement to evaluate its cybersecurity defenses. The exercise aims to simulate a sophisticated cyberattack targeting patient data, medical devices, and critical infrastructure, testing the hospital’s ability to detect, respond to, and recover from an intrusion. Phase 1: Initial Access Operations The Red Team begins by gathering […]


Red Teaming in the Financial Sector

Because of the invaluable data they possess, financial institutions remain a favorite target of malicious actors, with cyberattacks in the sector up more than 400% in three years. Fortunately, offensive security measures like red teaming can augment defensive tactics, giving security teams in the financial sector an additional leg up. Red team engagements test an […]


Cobalt Strike 4.11: Shhhhhh, Beacon is Sleeping….

Cobalt Strike 4.11 is now available. This release introduces a novel Sleepmask, a novel process injection technique, new out-of-the-box obfuscation options for Beacon, asynchronous BOFs, and a DNS over HTTPS (DoH) Beacon. Additionally, we have overhauled Beacon’s reflective loader and there are numerous QoL updates. Out-of-the-Box Evasion Overhaul The focus of this release (and the […]


Update: Stopping Cybercriminals from Abusing Cobalt Strike

Since 2023, Microsoft’s Digital Crimes Unit (DCU), Fortra, and the Health Information Sharing and Analysis Center (Health-ISAC) have been working together to combat the use of unauthorized, legacy copies of Cobalt Strike and compromised Microsoft software, which have been weaponized by cybercriminals to deploy ransomware and other malware, causing significant harm to critical sectors like […]


Red Teaming in Healthcare Cybersecurity

What is Red Teaming in Healthcare? AIM In healthcare red teaming, ethical hackers (cybersecurity experts hired by the healthcare organization) attempt to infiltrate the organization’s network and discover weaknesses that would result in compromise if not remediated. Red teaming utilizes any and all methods of attack available to threat actors, including social engineering, advanced persistent […]
