MSBuild Abused for Execution of Cobalt Strike Beacon

Researchers uncovered two malicious campaigns that abuse MSBuild to drop Cobalt Strike on targeted machines. The attackers first gain access to the target environment with an RDP account. As per experts, the Windows Defender Application Control (WDAC) policy can prevent these kinds of attacks.

click here to read full Article

Read more on Malware updates & News

You may also like...

Leave a Reply

Your email address will not be published. Required fields are marked *