For at least eight months, cybercriminals have been distributing trojanized versions of KeePass, a password manager, to install Cobalt Strike beacons, steal credentials, and deploy ransomware on breached networks. The campaign was identified by WithSecure’s Threat Intelligence team, and they discovered that the adversaries had manipulated the open-source code of KeePass to create a version named KeeLoader, which includes a Cobalt Strike beacon and exports the password database. The Cobalt Strike watermarks used in this campaign have been linked to previous Black Basta ransomware attacks.
‘Grave and Epic Failure’ Due to Absence of National Security Strategy
Hey there, Bay Area friends! Let’s take a minute to chat about something that affects us all, whether we realize it or not. You know,
