COBALT MIRAGE APT Group Leverages Drokbk Malware
An intrusion carried out by the COBALT MIRAGE threat group leveraged the multi-functional Drokbk malware for persistence and to execute additional commands received from the command-and-control server.
The actor took advantage of two Log4j vulnerabilities in a VMware Horizon server for initial access.
To determine its C2 server, the malware used the dead drop resolver technique and legitimate Internet services.
Featured Resources
blog
Cloud Security Threats You Can’t Afford to Ignore in 2025
Cloud environments have become mission-critical, but they’re also difficult to secure. Despite significant investment in cloud security tools, 61% of
blog
Exploiting BadSuccessor: Cymulate Launches New Advanced Breach Simulation Scenario
At Cymulate, our mission is to stay ahead of evolving threats by transforming cutting-edge research into real-world security testing tools.
blog
11 Email Threats Your Organization Needs to Know
Email remains the primary entry point for cyberattacks. From nation-state actors to low-level cybercriminals, adversaries continually exploit the ubiquity and