A new iteration of the PoetRAT spyware, sporting improvements to operational security, code efficiency and obfuscation, is making the rounds in Azerbaijan, targeting the public sector and other key organizations as the country’s conflict with Armenia over disputed territory intensifies. Threat intelligence researchers have observed multiple new strikes using the malware that show a “change in the actor’s capabilities” and “maturity toward better operational security,” while maintaining the tactic of spear-phishing to lure users into downloading malicious documents, Cisco Talos researchers revealed in a blog post, published Tuesday.
Read full article on Threat Post