Skip to main content

Fake Windows exploits target infosec community with Cobalt Strike

posted onMay 24, 2022
by l33tdawg
Bleeping Computer
Credit: Bleeping Computer

A threat actor targeted security researchers with fake Windows proof-of-concept exploits that infected devices with the Cobalt Strike backdoor.

Whoever is behind these attacks took advantage of recently patched Windows remote code execution vulnerabilities tracked as CVE-2022-24500 and CVE-2022-26809.

When Microsoft patches a vulnerability, it is common for security researchers to analyze the fix and release proof-of-concept exploits for the flaw on GitHub. These proof-of-concept exploits are used by security researchers to test their own defenses and to push admins to apply security updates. However, threat actors commonly use these exploits to conduct attacks or spread laterally within a network.

Source

Tags

Security

You May Also Like

Recent News

Friday, November 8th

Friday, November 1st

Tuesday, July 9th

Wednesday, July 3rd

Friday, June 28th

Thursday, June 27th

Thursday, June 13th

Wednesday, June 12th

Tuesday, June 11th

Friday, June 7th