Security researchers have discovered Cobalt Strike denial of service (DoS) vulnerabilities that allow blocking beacon command-and-control (C2) communication channels and new deployments. CobaltStrike is a legitimate penetration testing tool designed to be used as an attack framework by red teams (groups of security professionals who act as attackers on their own organization’s infrastructure to discover security gaps and vulnerabilities) The vulnerabilities are collectively tracked as CVE-2021-36798 (and dubbed Hotcobalt) in the latest versions of Cobalt strike’s server.
Source: https://www.bleepingcomputer.com/news/security/new-cobalt-strike-bugs-allow-takedown-of-attackers-servers/