A number of cybersecurity businesses, including Microsoft, launched a full-scale legal crackdown on one of the primary hacking tools used by malware criminal groups in their operations.
Microsoft, Fortra, and the Health Information Sharing and Analysis Center (H-ISAC) announced a broad legal strategy to combat malicious versions of Fortra’s Cobalt Strike and Microsoft’s software development kits.
Cobalt Strike is a popular penetration testing program that allows businesses to evaluate their security defenses prior to an assault. Malicious hackers, on the other hand, have used a hacked version of the tool for years to execute devastating ransomware attacks and other issues.
In November 2021, the Department of Health and Human Services issued a warning to healthcare organizations that both state-backed hackers and cybercriminal groups were using the technique in their attacks. The now-defunct Conti ransomware group sought to utilize Cobalt Strike to implant malware on Ireland’s publicly funded healthcare system the same year.
On Friday, the United States District Court for the Eastern District of New York granted the organizations a court order authorizing them to confiscate domain names where hostile actors had been storing and disseminating malicious copies of Cobalt Strike.
The court ruling permits Microsoft, Fortra, and the H-ISAC to auto
[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.
[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.
This article has been indexed from CySecurity News – Latest Information Security and Hacking Incidents
Read the original article: