New Phishing Campaign Uses Office Docs to Install Cobalt Strike Beacon

by Stu Sjouwerman

14Oct, 2022

Under the guise of determining applicant eligibility for a U.S. federal government job, this latest phishing attack plants the seed for a future attack on the victim organization.

We’ve covered plenty of cyberattacks here that leverage a leaked version of Cobalt Strike Beacon to execute PowerShell scripts, log keystrokes, take screenshots, download files, and spawn other payloads. But normally, the use of Cobalt Strike Beacon has been covered in conjunction with a completed (and successful) attack on an organization.

Read the full blog story on our blog and discuss it here.