Categories: Malware updates

MSBuild Abused for Execution of Cobalt Strike Beacon

Researchers uncovered two malicious campaigns that abuse MSBuild to drop Cobalt Strike on targeted machines. The attackers first gain access to the target environment with an RDP account. As per experts, the Windows Defender Application Control (WDAC) policy can prevent these kinds of attacks.

click here to read full Article

Related Post
  1. Log4j 2.17.1 out now, fixes new remote code execution bug
  2. Windows Finger command abused by phishing to download malware
  3. Blocked accounts abused in Evolution CMS SQL injection attacks

Read more on Malware updates & News

Leave a Comment
Leave a Comment
Share
Tags: abusedBeaconCobaltCobalt Strikeexecutionmalicious payloadMSBuildMSBuild attackRDP attackStrikeWindows services
2 years ago

Recent Posts

rewrite this tittle: Understanding Peer-to-Peer Crypto Trading: Benefits and Threats

Write a AI detection pass, persuasive, cickable, catchy, well structured and seo optimized article with… Read More

2 weeks ago

Human Art Will Become More Valuable with the Help of AI

AI Will Make Human Art More Valuable AI models are increasing in popularity and value… Read More

1 year ago

Report Claims UK Government to Restrict TikTok Usage on Smartphones

UK Set to Announce Ban on TikTok on Government Smartphones: Report Following in the footsteps… Read More

1 year ago

The Potential Impact of ChatGPT and Generative AI on Travel

How ChatGPT and Generative AI Could Change the Way We Travel The travel industry is… Read More

1 year ago

Unraveling the Enigma of Pluto: Is It a Dwarf Planet, Comet, or Asteroid? Uncover the Facts.

The curious case of Pluto! Is it a dwarf planet, comet or an asteroid? This… Read More

1 year ago

A LinkedIn Connection Request From a Spy

A Spy Wants to Connect with You on LinkedIn: How to Spot and Avoid Fake… Read More

1 year ago