From thehackernews.com
HelpSystems, the company behind the Cobalt Strike software platform, has released an out-of-band security update to address a remote code execution vulnerability that could allow an attacker to take control of targeted systems.
Cobalt Strike is a commercial red-team framework that’s mainly used for adversary simulation, but cracked versions of the software have been actively abused by ransomware operators and espionage-focused advanced persistent threat (APT) groups alike.
The post-exploitation tool consists of a team server, which functions as a command-and-control (C2) component, and a beacon, the default malware used to create a connection to the team server and drop next-stage payloads.