Security News > 2022 > May > Fake Windows exploits targets infosec community with Cobalt Strike

Fake Windows exploits targets infosec community with Cobalt Strike
2022-05-23 20:12

A threat actor targeted security researchers with fake Windows proof-of-concept exploits that infected devices with the Cobalt Strike backdoor.

Threat actors commonly use these exploits to conduct attacks or spread laterally within a network.

Last week, a threat actor published two proof-of-concept exploits on GitHub for the Windows CVE-2022-24500 and CVE-2022-26809 vulnerabilities on GitHub.

It soon became apparent that these proof-of-concept exploits were fake and installed Cobalt Strike beacons on people's devices.

Cobalt Strike is a legitimate pentesting tool that threat actors commonly use to breach and spread laterally through an organization.

In March 2021, North Korean hackers again targeted the infosec community by creating a fake cybersecurity company called SecuriElite.


News URL

https://www.bleepingcomputer.com/news/security/fake-windows-exploits-targets-infosec-community-with-cobalt-strike/

Related Vulnerability

DATE CVE VULNERABILITY TITLE RISK
2022-04-15 CVE-2022-26809 Unspecified vulnerability in Microsoft products
Remote Procedure Call Runtime Remote Code Execution Vulnerability
0.0
2022-04-15 CVE-2022-24500 Unspecified vulnerability in Microsoft products
Windows SMB Remote Code Execution Vulnerability
0.0