Threat Management
Nighthawk red-teaming tool likely to be exploited in cyberattacks
Share
More threat actors are expected to leverage the commercial red-teaming tool Nighthawk in cyberattacks, reports SecurityWeek.
Proofpoint researchers discovered that Nighthawk, which is a commercially sold remote access trojan similar to Cobalt Strike and Brute Ratel, has been initially leveraged by a legitimate red team operation last month, and while there have been no threat actors proliferating leaked versions of the tool online, security professionals have been urged to monitor in-the-wild exploitation.
"Nighthawk could see rapid adoption by threat actors wanting to diversify their methods and add a relatively unknown framework to their arsenal," said Proofpoint.
Nighthawk vendor MDSec assured that the tool features layered controls aimed at preventing malicious exploitation but Proofpoint warned about the dangers of not assuming potential risks associated with Nighthawk.
"Historic adoption of [legitimate hacking] tools by advanced adversaries, including those aligned with state interests and engaging in espionage, provides a template for possible future threat landscape developments," Proofpoint added.
Related Events
Related Terms
BackdoorBlack HatBotnetCorruptionDeauthentication AttackDefacementDictionary AttackDisruptionDumpSecDumpster DivingGet daily email updates
SC Media's daily must-read of the most current and pressing daily news
You can skip this ad in 5 seconds