Archives: August 2021
Cobalt Strike and Ransomware – Tracking An Effective Ransomware Campaign
Posted on August 31st, 2021
During the course of multiple incident response engagements, we encountered a persistent, unknown ransomware threat group utilizing an obfuscated Golang encryptor [1]. It is believed that the threat actors gained initial access through one or more SonicWall exploits [2], [3]. We can confirm prior sightings that Cobalt Strike was used by these threat actors to […]