Overview
A list of CobaltStrike Infrastructure from https://threatview.io/Downloads/High-Confidence-CobaltStrike-C2 -Feeds.txt
A list of CobaltStrike Infrastructure from https://threatview.io/Downloads/High-Confidence-CobaltStrike-C2 -Feeds.txt This CSV feed ingester is designed to import and process data on identified CobaltStrike command and control (C2) infrastructure from ThreatView.io. CobaltStrike is a commercial penetration testing tool frequently misused by threat actors for malicious purposes. The feed contains high-confidence indicators of servers running CobaltStrike C2 infrastructure, allowing security teams to block connections to these known malicious endpoints. By incorporating this intelligence into OpenCTI, organizations can proactively defend against attacks utilizing this popular threat actor tool, identify potential ongoing compromises, and enhance their network defense capabilities against threat campaigns.