Anomaly in pen-test tool made malware servers visible

4 March 2019

For four years, a security company was able to track command and control (C&C) traffic generated by several well-known hacking groups thanks to a tiny anomaly in a penetration-testing tool. This news emerged in a write-up by Fox-IT, which described how in 2015 one of its researchers spotted a small ‘whitespace’ error in HTTP responses from the ‘beacon’ NanoHTTPD-based web server that can be implanted inside a target network as part of a tool called Cobalt Strike.

Read full news article on Naked Security

Date:

4 March 2019

Categorie(s):

NEWS

Tag(s):

Cobalt Strike, Command And Control, IDS, Pen Testing, Penetration Testing, Security Pro, Security Threats, Vulnerability

Alert! Cisco Releases Critical Security Updates to Fix 2 ASA Firewall 0-Days25 April 2024
Pakistani APT Hackers Attacking Indian Govt Entities With Weaponized Shortcut Files25 April 2024
High Performance Podcast Duo to Unveil Secrets of Success at Infosecurity Europe 202425 April 2024
BforeAI raises $15 million to prevent attacks before they occur25 April 2024
Google Postpones Third-Party Cookie Deprecation Amid U.K. Regulatory Scrutiny25 April 2024