Researchers at Trend Micro identify a new #APT34 backdoor targeting organizations in the Middle East.
https://www.trendmicro.com/en_us/research/23/b/new-apt34-malware-targets-the-middle-east.html
OilRig APT Drills into Malware Innovation with Unique Backdoor - The RDAT tool uses email as a C2 channel, with attachments that hide data and commands inside imag... more: https://threatpost.com/oilrig-apt-unique-backdoor/157646/ #steganography #helixkitten #c2channel #backdoor #paloalto #malware #oilrig #unit42 #apt34 #email #irán #rdat #apt
Iran-Backed APTs Collaborate on 3-Year ‘Fox Kitten’ Global Spy Campaign - APT34/OilRig and APT33/Elfin have established a highly developed and persistent infrastructure tha... more: https://threatpost.com/iranian-apts-fox-kitten-global-spy-campaign/152974/ #criticalinfratructureespionage #criticalinfrastructure #vulnerabilities #wipermalware #websecurity #cyberattack #spycampaign #government #zerocleare #foxkitten #clearsky #malware #oilrig #hacks #apt33 #apt34 #elfin
Iranian Hackers Target U.S. Gov. Vendor With Malware - APT34 has been spotted in a malware campaign targeting customers and employees of a company that w... more: https://threatpost.com/iran-hackers-us-gov-malware/152452/ #spearphishing #usgovernment #cyberattack #government #tonedeaf #malware #usiran #westat #hacks #apt34 #irán
I found a remote code execution bug in the command and control server for #APT34. The poisonfrog C2 server has a directory traversal bug when you upload files, so you can overwrite the C2 server code or drop a webshell in and do whatever you want.
Accepts unicode characters. Example: alert("\u002E\u002E\u2215index.js".replace(/^.*[\\\/]/, ''));
RT @x0rz@twitter.com
My thoughts about the recent #APT34 leaks https://blog.0day.rocks/hacking-back-and-influence-operations-85cd52c1e933