Cobalt Strike is a legitimate, commercially available security tool used by network penetration testers. The legit security tool has shown up 161 percent more, year-over-year, in cyberattacks, researchers say. The tool is increasingly being used as an initial access payload, not a second-stage tool that s used after attackers have gained access, they say. Cobalt strike is still a high-volume threat, the researchers said in a report published on Tuesday. The bulk of attacks in 2020 were pulled off by criminal threat actors, they said.
Source: https://threatpost.com/cobalt-strike-cybercrooks/167368/