At a glance.
- Google seeks to render Cobalt Strike less useful to threat actors.
- Daixin Team claims ransomware attack against AirAsia.
- DraftKings users suffer credential harvesting and paycard theft.
- Assessing cyber risk in the US pharmaceutical industry.
- Killnet claims successes few others can discern.
- In Ukraine, kinetic attacks on IT infrastructure eclipse cyberattacks.
Google seeks to render Cobalt Strike less useful to threat actors.
Cobalt Strike, a legitimate penetration testing toolset, has long been abused by criminals and state actors in the form of unlicensed, knock-off instances that they've used against their targets. Google is seeking to make such abuse more difficult by "releasing to the community a set of open-source YARA Rules and their integration as a VirusTotal Collection to help the community flag and identify Cobalt Strike’s components and its respective versions."