Cobalt Strike is typically used by companies for penetration testing and is used by cyber criminals for attacks, says Proofpoint.
The same powerful tool that companies use to improve their security is used by cyber criminals to break their security. The popular Cobalt Strike penetration testing program saw malicious use grow 161% from 2019 to 2020 and is considered a high-volume threat for 2021, according to a report released Tuesday by security vendor Proofpoint.
SEE: Ransomware: What IT Pros Need To Know (Free PDF)
When analyzing the improper use of Cobalt Strike, Proofpoint found that the tool is increasingly being used by attackers as an initial access payload, which means that it is targeting the initial malicious payload …