* . *
  • About
  • Advertise
  • Privacy & Policy
  • Contact
Monday, August 25, 2025
Earth-News
  • Home
  • Business
  • Entertainment
    Quotes of the Week: Peacemaker, Project Runway, Countdown and More – yahoo.com

    This Week’s Most Memorable Quotes from Peacemaker, Project Runway, Countdown, and More!

    Drake Appears in Teaser for Bobbi Althoff’s New Podcast ‘Not This Again’ – yahoo.com

    Drake Drops a Surprise Cameo in Bobbi Althoff’s Thrilling New Podcast Teaser ‘Not This Again

    From polka to Poison, Corn Palace adjusts entertainment offerings with the times – Mitchell Republic

    From polka to Poison, Corn Palace adjusts entertainment offerings with the times – Mitchell Republic

    How to watch ‘F1: The Movie’ on Prime Video – About Amazon

    Experience the Thrill: How to Stream ‘F1: The Movie’ on Prime Video

    FOX One is now available on Prime Video: Here’s everything to know – About Amazon

    FOX One is now available on Prime Video: Here’s everything to know – About Amazon

    What Are Our Predictions for Taylor Swift’s ‘Life of a Showgirl’ Based on What She’s Told Us So Far? – yahoo.com

    Uncover the Hidden Surprises in Taylor Swift’s ‘Life of a Showgirl’ – Can You Decode Her Clues?

  • General
  • Health
  • News

    Cracking the Code: Why China’s Economic Challenges Aren’t Shaking Markets, Unlike America’s” – Bloomberg

    Trump’s Narrow Window to Spread the Truth About Harris

    Trump’s Narrow Window to Spread the Truth About Harris

    Israel-Gaza war live updates: Hamas leader Ismail Haniyeh assassinated in Iran, group says

    Israel-Gaza war live updates: Hamas leader Ismail Haniyeh assassinated in Iran, group says

    PAP Boss to Niger Delta Youths, Stay Away from the Protest

    PAP Boss to Niger Delta Youths, Stay Away from the Protest

    Court Restricts Protests In Lagos To Freedom, Peace Park

    Court Restricts Protests In Lagos To Freedom, Peace Park

    Fans React to Jazz Jennings’ Inspiring Weight Loss Journey

    Fans React to Jazz Jennings’ Inspiring Weight Loss Journey

    Trending Tags

    • Trump Inauguration
    • United Stated
    • White House
    • Market Stories
    • Election Results
  • Science
  • Sports
  • Technology
    Figure Technology Solutions, Inc. Files Registration Statement for Proposed Initial Public Offering – Business Wire

    Figure Technology Solutions, Inc. Unveils Exciting Plans for Its Upcoming Initial Public Offering

    UNLV Responds to Workforce Need with Microcredential in Nuclear Technology – University of Nevada, Las Vegas | UNLV

    UNLV Unveils Cutting-Edge Microcredential Program to Fuel Growth in Nuclear Technology

    Why Technology Will Never Take Over Completely – Patheos

    Why Technology Will Never Completely Control Our Lives

    Alcorn State awarded grant to boost STEM with VR technology – WJTV

    Alcorn State Secures Grant to Transform STEM Education Through Cutting-Edge VR Technology

    Hyundai: The Only Way To Beat China Is To Embrace Technology – InsideEVs

    Hyundai’s Bold Strategy to Outpace China with Cutting-Edge Technology

    Teaching older adults how to use technology – WWNY

    Empowering Older Adults to Master Technology with Confidence

    Trending Tags

    • Nintendo Switch
    • CES 2017
    • Playstation 4 Pro
    • Mark Zuckerberg
No Result
View All Result
  • Home
  • Business
  • Entertainment
    Quotes of the Week: Peacemaker, Project Runway, Countdown and More – yahoo.com

    This Week’s Most Memorable Quotes from Peacemaker, Project Runway, Countdown, and More!

    Drake Appears in Teaser for Bobbi Althoff’s New Podcast ‘Not This Again’ – yahoo.com

    Drake Drops a Surprise Cameo in Bobbi Althoff’s Thrilling New Podcast Teaser ‘Not This Again

    From polka to Poison, Corn Palace adjusts entertainment offerings with the times – Mitchell Republic

    From polka to Poison, Corn Palace adjusts entertainment offerings with the times – Mitchell Republic

    How to watch ‘F1: The Movie’ on Prime Video – About Amazon

    Experience the Thrill: How to Stream ‘F1: The Movie’ on Prime Video

    FOX One is now available on Prime Video: Here’s everything to know – About Amazon

    FOX One is now available on Prime Video: Here’s everything to know – About Amazon

    What Are Our Predictions for Taylor Swift’s ‘Life of a Showgirl’ Based on What She’s Told Us So Far? – yahoo.com

    Uncover the Hidden Surprises in Taylor Swift’s ‘Life of a Showgirl’ – Can You Decode Her Clues?

  • General
  • Health
  • News

    Cracking the Code: Why China’s Economic Challenges Aren’t Shaking Markets, Unlike America’s” – Bloomberg

    Trump’s Narrow Window to Spread the Truth About Harris

    Trump’s Narrow Window to Spread the Truth About Harris

    Israel-Gaza war live updates: Hamas leader Ismail Haniyeh assassinated in Iran, group says

    Israel-Gaza war live updates: Hamas leader Ismail Haniyeh assassinated in Iran, group says

    PAP Boss to Niger Delta Youths, Stay Away from the Protest

    PAP Boss to Niger Delta Youths, Stay Away from the Protest

    Court Restricts Protests In Lagos To Freedom, Peace Park

    Court Restricts Protests In Lagos To Freedom, Peace Park

    Fans React to Jazz Jennings’ Inspiring Weight Loss Journey

    Fans React to Jazz Jennings’ Inspiring Weight Loss Journey

    Trending Tags

    • Trump Inauguration
    • United Stated
    • White House
    • Market Stories
    • Election Results
  • Science
  • Sports
  • Technology
    Figure Technology Solutions, Inc. Files Registration Statement for Proposed Initial Public Offering – Business Wire

    Figure Technology Solutions, Inc. Unveils Exciting Plans for Its Upcoming Initial Public Offering

    UNLV Responds to Workforce Need with Microcredential in Nuclear Technology – University of Nevada, Las Vegas | UNLV

    UNLV Unveils Cutting-Edge Microcredential Program to Fuel Growth in Nuclear Technology

    Why Technology Will Never Take Over Completely – Patheos

    Why Technology Will Never Completely Control Our Lives

    Alcorn State awarded grant to boost STEM with VR technology – WJTV

    Alcorn State Secures Grant to Transform STEM Education Through Cutting-Edge VR Technology

    Hyundai: The Only Way To Beat China Is To Embrace Technology – InsideEVs

    Hyundai’s Bold Strategy to Outpace China with Cutting-Edge Technology

    Teaching older adults how to use technology – WWNY

    Empowering Older Adults to Master Technology with Confidence

    Trending Tags

    • Nintendo Switch
    • CES 2017
    • Playstation 4 Pro
    • Mark Zuckerberg
No Result
View All Result
Earth-News
No Result
View All Result
Home Technology

Europol nukes nearly 600 IP addresses in Cobalt Strike crackdown

July 4, 2024
in Technology
Europol nukes nearly 600 IP addresses in Cobalt Strike crackdown
Share on FacebookShare on Twitter

Europol just announced that a week-long operation at the end of June dropped nearly 600 IP addresses that supported illegal copies of Cobalt Strike.

Fortra’s legitimate red-teaming tool is notorious for being widely abused by cybercriminals, who source cracked copies of the tool for use in malware and ransomware operations like Ryuk, Trickbot, and Conti.

Europol said the disruptive action, dubbed Operation Morpheus, is the culmination of work that began three years ago. It was carried out with partners in the private sector between June 24 and 28.

“Throughout the week, law enforcement flagged known IP addresses associated with criminal activity, along with a range of domain names used by criminal groups, for online service providers to disable unlicensed versions of the tool,” it said today.

“A total of 690 IP addresses were flagged to online service providers in 27 countries. By the end of the week, 593 of these addresses had been taken down.

“This investigation was led by the UK National Crime Agency and involved law enforcement authorities from Australia, Canada, Germany, the Netherlands, Poland, and the United States. Europol coordinated the international activity and liaised with the private partners.”

Various private sector partners supported the week-long sprint, including BAE Systems Digital Intelligence, Trellix, Spamhaus, abuse.ch, and The Shadowserver Foundation. 

The partners used Europol’s Malware Information Sharing Platform to submit pieces of evidence and threat intelligence that supported the disruption efforts. The Euro cop shop said more than 730 pieces of threat intel were shared as well as nearly 1.2 million indicators of compromise over the course of the entire operation.

“Cobalt Strike is the Swiss Army knife of cybercriminals and nation-state actors,” said Don Smith, vice president of threat intelligence at Secureworks. “Cobalt Strike has long been the tool of choice for cybercriminals, including as a precursor to ransomware. It is also deployed by nation-state actors, such as Russian and Chinese [groups], to facilitate intrusions in cyber espionage campaigns.

“Used as a foothold, it has proven to be highly effective at providing a persistent backdoor to victims, facilitating intrusions of all forms. This disruption is to be welcomed, removing Cobalt Strike infrastructure used by criminals is always a good thing.”

Trellix’s Joao Marques, John Fokker, and Leandro Velasco also blogged about their involvement in Operation Morpheus. They said that while the disruption activity will make criminals rethink their use of Cobalt Strike, its data shows that the work didn’t touch China.

According to its telemetry, China hosts 43.85 percent of Cobalt Strike resources. To put that in context, the next biggest distributor is the US with a 19.08 percent share.

Contrast that with the country that bears the brunt of the most Cobalt Strike attacks (the US with a 45.04 percent share) and you can take an educated guess as to where the criminals that abuse Fortra’s tool the most reside.

“The dismantling of Cobalt Strike infrastructure sends a powerful message to cybercriminals and nation-state actors about the repercussions of malicious cyber activities,” said the researchers.

The NCA said in a statement: “This disruption activity represents more than two-and-a-half years of NCA-led international law enforcement and private industry collaboration to identify, monitor and denigrate its use.”

Russia’s cyber spies still threatening French national security, democracy

Here’s yet more ransomware using BitLocker against Microsoft’s own users

Crims abusing Microsoft Quick Assist to deploy Black Basta ransomware

Beijing-backed cyberspies attacked 70+ orgs across 23 countries

While law enforcement agencies acknowledged the “significant steps” Fortra has taken to prevent its powerful post-exploitation tool from being misused, Trellix’s team wasn’t as positive.

Marques, Fokker, and Velasco said they welcomed Fortra’s collaboration with Operation Morpheus and the measures taken to prevent Cobalt Strike’s misuse, but alluded to lingering concerns.

“We are very content to see that Fortra, the current owners of Cobalt Strike, have collaborated in the operation and are implementing more sophisticated measures to prevent cracking their software,” they said.

“However, it is important to address the longstanding stance of Cobalt Strike under previous ownership, regarding its restrictions to purchase a license for cybersecurity vendors. Many cybersecurity vendors believe this decision has inadvertently fostered a precarious environment where cybercriminals exploit cracked versions of Cobalt Strike for malicious activities and vendors are not able to defend against its misuse.

“Although these new measures are a very good step in the right direction, we are eager to do more. This situation underscores the need for more integral collaborative efforts to protect organizations against the abuse of Cobalt Strike. We call on Cobalt Strike to reconsider its policies and collaborate with cybersecurity vendors to enhance products and combat the misuse of these powerful tools.”

We asked Trellix about the specific issues they’re referring to and will update the article when answers come in.

Take two

Operation Morpheus’s efforts come just over a year after Microsoft, Fortra, and Health-ISAC took a case to court, getting legal permission to take down various IP addresses it located that hosted cracked versions of Cobalt Strike.

This followed Google offering a different kind of support in the fight against the abuse of Cobalt Strike. In 2022 it worked up and open-sourced a list of 165 YARA rules to help organizations swiftly quash any of the 34 versions the Chocolate Factory identified in circulation at the time.

However, even last year when the first round of IP addresses was neutralized, investigators knew it wasn’t going to be enough.

“While this action will impact the criminals’ immediate operations, we fully anticipate they will attempt to revive their efforts,” said Amy Hogan-Burney, general manager of the Microsoft security unit at the time. “Our action is therefore not one and done.”

Since Fortra bought Cobalt Strike in 2020, it has made strides in ensuring criminals don’t get access to legitimate versions of its tools. For example, it soon started vetting all applicants vigorously before giving licenses out, but cracked versions in hard-to-reach places like China may prove difficult to eradicate for good.

Paul Foster, director of Threat Leadership at the National Crime Agency, said: “Although Cobalt Strike is a legitimate piece of software, sadly cybercriminals have exploited its use for nefarious purposes.

“Illegal versions of it have helped lower the barrier of entry into cybercrime, making it easier for online criminals to unleash damaging ransomware and malware attacks with little or no technical expertise.

“Such attacks can cost companies millions in terms of losses and recovery.”

He urged businesses that have been a victim of cyber crime to “come forward and report such incidents to law enforcement.” ®

>>> Read full article>>>
Copyright for syndicated content belongs to the linked Source : The Register – https://go.theregister.com/feed/www.theregister.com/2024/07/04/europol_cobalt_strike_crackdown/

Tags: Europolnukestechnology
Previous Post

ITER delays first plasma for world’s biggest fusion power rig by a decade

Next Post

Row erupts over data sharing function in UK doctor software

Eightmile Dam rebuild & restoration – Washington State Department of Ecology (.gov)

Breathing New Life into Eightmile Dam: An Ambitious Rebuild and Restoration Effort

August 24, 2025
Scientists Sequenced the DNA of the ‘Last Neanderthal’—and It Alters Human History – yahoo.com

Scientists Unlock the DNA of the ‘Last Neanderthal,’ Revolutionizing Our View of Human History

August 24, 2025
RIKEN, Japan’s Leading Science Institute, Taps Fujitsu and NVIDIA for Next Flagship Supercomputer – NVIDIA Blog

Japan’s Leading Science Institute Teams Up with Fujitsu and NVIDIA to Create Next-Generation Supercomputer

August 24, 2025
Is a relief rally coming for Equity LifeStyle Properties Inc. holders – July 2025 Retail & Weekly High Return Opportunities – Newser

Is a relief rally coming for Equity LifeStyle Properties Inc. holders – July 2025 Retail & Weekly High Return Opportunities – Newser

August 24, 2025
Figure Technology Solutions, Inc. Files Registration Statement for Proposed Initial Public Offering – Business Wire

Figure Technology Solutions, Inc. Unveils Exciting Plans for Its Upcoming Initial Public Offering

August 24, 2025
‘Holy grail’ MJ-Kobe card sells for record $12.9M – ESPN

Holy Grail’ MJ-Kobe Card Smashes Records with $12.9 Million Sale

August 24, 2025
Julia Schell scores six tries as Canada thrash Fiji in Women’s Rugby World Cup – The Guardian

Julia Schell scores six tries as Canada thrash Fiji in Women’s Rugby World Cup – The Guardian

August 24, 2025
Why Tipping Feels Out of Control in Today’s Economy – MSN

Why Tipping Feels Out of Control in Today’s Economy – MSN

August 24, 2025
Quotes of the Week: Peacemaker, Project Runway, Countdown and More – yahoo.com

This Week’s Most Memorable Quotes from Peacemaker, Project Runway, Countdown, and More!

August 24, 2025
New report demonstrates that corporal punishment harms children’s health – World Health Organization (WHO)

Shocking New Findings Expose the Serious Harm Corporal Punishment Inflicts on Children’s Health

August 24, 2025

Categories

Archives

August 2025
MTWTFSS
 123
45678910
11121314151617
18192021222324
25262728293031
« Jul    
Earth-News.info

The Earth News is an independent English-language daily published Website from all around the World News

Browse by Category

  • Business (20,132)
  • Ecology (788)
  • Economy (808)
  • Entertainment (21,687)
  • General (16,652)
  • Health (9,848)
  • Lifestyle (821)
  • News (22,149)
  • People (810)
  • Politics (817)
  • Science (16,020)
  • Sports (21,307)
  • Technology (15,789)
  • World (789)

Recent News

Eightmile Dam rebuild & restoration – Washington State Department of Ecology (.gov)

Breathing New Life into Eightmile Dam: An Ambitious Rebuild and Restoration Effort

August 24, 2025
Scientists Sequenced the DNA of the ‘Last Neanderthal’—and It Alters Human History – yahoo.com

Scientists Unlock the DNA of the ‘Last Neanderthal,’ Revolutionizing Our View of Human History

August 24, 2025
  • About
  • Advertise
  • Privacy & Policy
  • Contact

© 2023 earth-news.info

No Result
View All Result

© 2023 earth-news.info

No Result
View All Result

© 2023 earth-news.info

Go to mobile version