ThreatDown Powered by Malwarebytes
  • Nebula support
  • OneView support
  • Nebula sign in
  • OneView sign in
  • Partner Portal sign in

    • Products

    • Endpoint Detection & Response (EDR)
    • Endpoint Protection
    • Vulnerability Assessment
    • Patch Management
    • Application Block
    • DNS Filtering
    • Mobile Security

    • Services

    • Managed Detection & Response (MDR)
    • Managed Threat Hunting
    • Premium Support

    • Platforms

    • Nebula

    • Manage your organization’s endpoint security in a single-tenant console

      Nebula customer sign in >

    • OneView

    • Provides MSPs centralized visibility and management capabilities across customer sites

      OneView customer sign in >

    • Explore Partnerships

    • Review program benefits, innovative technology, channel first mentality

    • Managed Service Providers

    • Everything MSPs need to run their business seamlessly

    • Technology Partners

    • Explore our technology integrations

    • Resellers

    • Build growth, profitability, and customer loyalty

    • Retain and grow your business with tools, education, and support in the partner experience center.

      Sign in to PXC >

    • Threat Center

    • Learn about the latest threat news

    • Reports
    • Threat Detections
    • Executive POV
    • Glossary
    • Blog
    • Resource Center

    • Learn more about ThreatDown

    • Case Studies
    • Products & Review
    • Cybersecurity Tips & Tricks
    • Webinars
    • About Us

    • Dive into the threats that matter in the year of autonomous AI and “dark horse” ransomware.

      Download now >

    Pricing

    • Why ThreatDown

    • About Us
    • ThreatDown vs. Competition
    • Case Studies

    • ThreatDown named Product of the Year by MRG Effitas.

      Learn more >

    Get a quote
    Buy now
    Home > Blog

    Cobalt Strike

    Powershell

    How the Black Basta ransomware gang hides Cobalt Strike beacons with PowerShell

    Ransomware gangs love PowerShell.
    4 minutes
    Cobalt Strike

    Law enforcement takes out hundreds of malicious Cobalt Strike servers

    International law enforcement agencies have revealed a three-year operation to combat Cobalt Strike servers used by cybercriminals.
    1 minute
    Word document

    GrimResource MSC attack uses 5-year-old vulnerability

    Cybercriminals' search for an alternative to Office macros has brought them to MSC files used by the Microsoft Management Console.
    2 minutes
    file transfer illustration

    Update now! GoAnywhere MFT zero-day patched

    2 minutes
    man holding a finger across his lips

    Silence is golden partner for Truebot and Clop ransomware

    3 minutes
    Cobalt Strikes again: UAC-0056 continues to target Ukraine in its latest campaign

    Cobalt Strikes again: UAC-0056 continues to target Ukraine in its latest campaign

    7 minutes
    Unpatched Atlassian Confluence vulnerability is actively exploited

    [updated]Unpatched Atlassian Confluence vulnerability is actively exploited

    4 minutes
    A multi-stage PowerShell based attack targets Kazakhstan

    A multi-stage PowerShell based attack targets Kazakhstan

    5 minutes
    Multi-stage APT attack drops Cobalt Strike using Malleable C2 feature

    Multi-stage APT attack drops Cobalt Strike using Malleable C2 feature

    69 minutes

    Categories

    Breaches
    Product News
    Ransomware
    Threat Intelligence
    Vulnerabilities
    X (formerly Twitter)
    ThreatDown Powered by Malwarebytes

    Products & Services

    Endpoint Detection & Response
    Endpoint Protection
    Managed Detection & Response
    Pricing

    Partners

    MSP
    Resellers
    Technology Partners
    Become a Partner

    Resources

    Threat Center
    Resource Center
    Blog
    Glossary

    Managed Services Terms & Conditions

    Managed Service Teams
    MTH Service Description
    MDR Service Description

    Support

    Nebula Support
    OneView Support

    Get in Touch

    Contact Us
    Schedule a Meeting
    Request a Demo

    ThreatDown Newsletter

    Get cybersecurity news and tips from our security experts in your mailbox.

  • Legal
  • Privacy
  • Accessibility
  • Compliance Certifications
  • Vulnerability Disclosure
  • Terms of Service

    • © 2025 All Rights Reserved