Red Teaming in Finance Financial security systems need to be among the most robust in the world. Since most cyberattacks are financially motivated, the industry presents a tantalizing and obvious target for both advanced nation-state attackers and low-level crooks. What Is Red Teaming for Financial Institutions? Red teaming goes a step beyond pen testing alone, […]
Product Line: Cobalt Strike
Red Teaming in Healthcare Cybersecurity
What is Red Teaming in Healthcare? AIM In healthcare red teaming, ethical hackers (cybersecurity experts hired by the healthcare organization) attempt to infiltrate the organization’s network and discover weaknesses that would result in compromise if not remediated. Red teaming utilizes any and all methods of attack available to threat actors, including social engineering, advanced persistent […]
Red Team Tools for Government and Public Sector
In an environment of heightened threats and digital volatility, government agencies and public sector entities need to meet the now inevitable wave of cyberattacks well-prepared. There can be no room for the element of surprise. And nothing readies teams, strategies, and solutions like comprehensively stress-testing your security defenses with a simulated real-world attack. In an […]
Read More… from Red Team Tools for Government and Public Sector
Industry
One of the original public red team command and control frameworks, Cobalt Strike has become the red teaming toolkit of choice across the finance, government, and healthcare sectors. We understand the unique threat types targeting your industry, and we give you the flexibility, interoperability, and payload generation needed to stay ahead of cyberattacks. Get out […]
Out of Band Update: Cobalt Strike 4.10.1
Cobalt Strike 4.10.1 is now available. This is an out of band update to fix issues that were discovered in Cobalt Strike 4.10 that we felt should be fixed before the next release. This update does not affect the 4.11 release which is well underway and due to ship in early 2025. Mutiple Team Server […]
Cobalt Strike Technical Demo Series
Demo Series: From C2 Setup to Advanced Evasion This technical demo series showcases four critical aspects of Cobalt Strike through targeted demonstrations. Each video focuses on a specific capability and the series will expand with each release. What’s Included: C2 Infrastructure – See C2 setup and management techniquesMalleable C2 vs DIY – Compare profile configuration […]
Welcome Darknet Diaries Listeners!
The Cobalt Strike team is excited to sponsor the Darknet Diaries podcast, which brings awareness to critical cybersecurity issues and encourages proactive efforts that bolster defenses against modern threats and attackers. Cobalt Strike is a threat emulation tool that enables security professionals to simulate the tactics and techniques of a stealthy long-term embedded attacker in […]
Cobalt Strike Staffing Changes and the Road Ahead
TLDR: Cobalt Strike Staffing Changes Recently there have been some internal changes within the Cobalt Strike team. Greg Darwin has switched to a new position within Fortra. Greg has been the face of Cobalt Strike within the community for a number of years and we thank Greg for all his work and effort he put […]
Read More… from Cobalt Strike Staffing Changes and the Road Ahead
Revisiting the UDRL Part 3: Beacon User Data
The UDRL and the Sleepmask are key components of Cobalt Strike’s evasion strategy, yet historically they have not worked well together. For example, prior to CS 4.10, Beacon statically calculated its location in memory using a combination of its base address and its section table. This calculation was then modified depending on the contents of […]
Read More… from Revisiting the UDRL Part 3: Beacon User Data
Cobalt Strike 4.10: Through the BeaconGate
Cobalt Strike 4.10 is now available. This release introduces BeaconGate, the Postex Kit, and Sleepmask-VS. In addition, we have overhauled the Sleepmask API, refreshed the Jobs UI, added new BOF APIs, added support for hot swapping C2 hosts, and more. This has been a longer release cycle than in previous releases to allow us to […]