Security News > 2019 > March > Bug in Cobalt Strike pentesting tool used to identify malicious servers

Bug in Cobalt Strike pentesting tool used to identify malicious servers
2019-03-01 09:21

An extraneous space in the HTTP responses of webservers run by a variety of malicious actors allowed Fox-IT researchers to identify them pretty easily for the past year and a half. This was possible because attackers have been using Cobalt Strike, a commercial penetration testing tool “designed to execute targeted attacks and emulate the post-exploitation actions of advanced threat actors”, and the version they’ve been using sported the uncommon whitespace in its server responses. Pinpointing … More → The post Bug in Cobalt Strike pentesting tool used to identify malicious servers appeared first on Help Net Security.


News URL

http://feedproxy.google.com/~r/HelpNetSecurity/~3/cFAwxHxw-Wc/