First appearing in March, the group has been leveraging ProxyShell against targets in 10 countries and employs a variety of malware to steal data from compromised networks.
Source: Read More (Threatpost)
You might be interested in …
[ZDNet] Cybercriminals recreate Cobalt Strike in Linux
The new malware strain has gone unnoticed by detection tools. Source: Read More (Latest topics for ZDNet in Security)
Daily NCSC-FI news followup 2020-04-01
Holy water: ongoing targeted water-holing attack in Asia securelist.com/holy-water-ongoing-targeted-water-holing-attack-in-asia/96311/ The threat actors unsophisticated but creative toolset has been evolving a lot since the inception date, may still be in development, and leverages Sojson obfuscation, NSIS installer, Python, open-source code, GitHub distribution, Go language, as well as Google Drive-based C2 channels. Zoom Client Leaks Windows Login […]
[TheRecord] EU formally blames Russia for GhostWriter influence operation
European Union officials have formally accused the Russian government and its state hackers of meddling inside the elections and political systems of several EU states. In a statement published on Friday, the EU said that the Russian government is behind a hack-and-leak operation known as Ghostwriter. Active since 2017, the campaign consists of Russian hackers breaking into news […]