Understanding the Initial Stages of Web Shell and VPN Threats: An MXDR Analysis

October 24, 2024 at 05:26AM Attackers are employing layered strategies using multiple tools like web shells and VPN compromises to maintain access to networks. Trend Micro’s analysis highlights the need for strong logging, incident response planning, and robust security measures to identify and contain threats early, preventing severe consequences like ransomware deployment. Key Insights …

Iranian APT Operating as Initial Access Provider to Networks in the Middle East

September 24, 2024 at 11:54AM Mandiant’s report uncovers UNC1860 as an Iranian APT group gaining initial access to Middle Eastern networks, potentially sponsored by the Iranian government. The group employs specialized tools like TemplePlay and ViroGreen to gain access and maintain long-term control, presenting a significant threat to Middle Eastern entities. From the meeting notes, …

Chinese Hackers Deployed Backdoor Quintet to Down MITRE

May 7, 2024 at 05:56PM The MITRE Corporation was targeted by China-linked hackers who used various backdoors and web shells. The attackers gained access to NERVE, MITRE’s research network, and deployed five unique payloads over several months. MITRE emphasized the importance of secure design, zero trust, and continuous authentication in light of the attack’s aftermath. …

Web Shells Gain Sophistication for Stealth, Persistence

November 22, 2023 at 03:06PM Experts say that web shells, which are easy-to-use tools used to issue commands to compromised servers, are becoming more popular among attackers. The use of web shells such as WSO-NG and others by ransomware gangs and in mass exploitation campaigns has been observed. Web shells are difficult to detect and …