As well as the good guys using the bad guys’ tools, the bad guys also use the good guys’ stuff. Your red team should use CobaltStrike and take notice of what the test tells you before the bad guys do..:
[…] ‘WastedLocker’ is a relatively new breed of targeted ransomware and has been attributed to the notorious ‘Evil Corp’ cyber crime outfit from Russia.
Two Russian men who are alleged to be involved in the group have open indictments against them in the US.
Once the attackers gain access to the victim’s network, they use ‘Cobalt Strike’ commodity malware to steal credentials and move across the network in order to deploy the WastedLocker ransomware on multiple computers.