Hacking groups and ransomware operations are moving away from Cobalt Strike to the newer Brute Ratel post-exploitation toolkit to evade detection by EDR and antivirus solutions.
Corporate cybersecurity teams commonly consist of employees who attempt to breach corporate networks (red team) and those who actively defend against them (blue team). Both teams then share notes after engagements to strengthen the cybersecurity defenses of a network.
For years, one of the most popular tools in red team engagements has been Cobalt Strike, a toolkit allowing attackers to deploy “beacons” on compromised devices to perform remote network surveillance or execute commands.
Source: Bleeping Computer