Security alert: Fake Windows exploits the InfoSec community with a Cobalt Strike

On May 19th, 2022, researchers identified two Proof-of-Concept exploits (malicious software) hosted by the popular software development hosting provider, GitHub. The software targeted members of the InfoSec community in an attack known as a Cobalt Strike. The two files were disguised as Windows vulnerabilities fixed by Microsoft in April 2022. It is unknown how many people may have executed the malicious files and if any systems were compromised, but it is likely that the files will be tested in a sandbox environment so that any potential impact will be limited. What is InfoSec? InfoSec is the shortened name for Information… [Continue Reading]