mardi 19 septembre 2023 à 14:35
Telecommunication service providers in the Middle East are the target of a new intrusion set dubbed ShroudedSnooper that employs a stealthy backdoor called HTTPSnoop.
"HTTPSnoop is a simple, yet effective, backdoor that consists of novel techniques to interface with Windows HTTP kernel drivers and devices to listen to incoming requests for specific HTTP(S) URLs and execute that content on the
mardi 19 septembre 2023 à 13:32
XWorm is a relatively new representative of the remote access trojan cohort that has already earned its spot among the most persistent threats across the globe.
Since 2022, when it was first observed by researchers, it has undergone a number of major updates that have significantly enhanced its functionality and solidified its staying power.
The analyst team at ANY.RUN came across the newest
mardi 19 septembre 2023 à 13:10
The China-linked threat actor known as Earth Lusca has been observed targeting government entities using a never-before-seen Linux backdoor called SprySOCKS.
Earth Lusca was first documented by Trend Micro in January 2022, detailing the adversary's attacks against public and private sector entities across Asia, Australia, Europe, North America.
Active since 2021, the group has relied on