Google Cloud’s intelligence research and applications team has created and released a collection of 165 YARA rules to help defenders flag Cobalt Strike components deployed by attackers. “Our intention is to move the tool back to the domain of legitimate red teams and make it harder for bad guys to abuse,” says Greg Sinclair, a security engineer with Google Cloud Threat Intelligence. The problem with Cobalt Strike Cobalt Strike, a legitimate adversary simulation tool used … More
The post Google seeks to make Cobalt Strike useless to attackers appeared first on Help Net Security.