Over the last year, we have witnessed numerous intrusions where malware variants such as Trickbot, Hancitor, Bazar, and IcedID were used as an entry point for ransomware attacks. In the majority of these intrusions, the malware was distributed through non-targeted phishing, such as mass malware spam campaigns.
Intrusion statistics aligned to the MITRE ATT&CK framework

Initial Access

We also have artifacts available from our cases such as pcaps, memory captures, files, event logs including Sysmon, Kape packages, and more, under our Security Researcher and Organization services. More information on this service and others can be found here. We offer multiple services including a Threat Feed service which tracks Command and Control frameworks such as Cobalt Strike, Metasploit, Empire, PoshC2, etc.

Report lead analysts and 1 unnamed contributor

Services

Shout out to our analysts who put this report together!
This report contains details from all of our public reports over 2021. It is not comprehensive of overall threat actor activity, as there is always inherent sampling and collection bias. However, reviewing these common activities can help a defender prioritize their time and budget to protect against some of the most common threat actor behaviors.
As we come to the end of the first quarter of 2022, we want to take some time to look back over our cases from 2021, in aggregate, and look at some of the top tactics, techniques and procedures (TTPs) we observed. In total, we reported on 20 incidents in 2021. The vast majority involved initial access broker malware (Trickbot, IcedID, BazarLoader, etc.), which often led to full domain compromise and ransomware.