Get a Pentest and security assessment of your IT network.

Cyber Security

Microsoft Defender ATP scars admins with false Cobalt Strike alerts

Administrators woke up to a scary surprise today after false positives in Microsoft Defender ATP showed network devices infected with Cobalt Strike. The bad signature causing the false positive has also been fixed, and admins should no longer see new alerts. An alert for a Cobalt strike beacon is a severe detection and, if you received such alerts, you are better off being safe than sorry and should perform a sweep of all affected devices. Attackers use cracked versions of Cobalt. to gain persistent remote access to a compromised network and are commonly used during ransomware attacks.

Source: https://www.bleepingcomputer.com/news/microsoft/microsoft-defender-atp-scars-admins-with-false-cobalt-strike-alerts/

Related posts
Cyber Security

Zip Codes & PII: Are They Personal Data?

Cyber Security

Zero-Day Vulnerabilities: User Defence Guide

Cyber Security

Zero Knowledge Voting with Trusted Server

Cyber Security

ZeroNet: 51% Attack Risks & Mitigation