Organizations running unpatched Microsoft Exchange servers were the focus of a campaign by Iranian APT Charming Kitten. The threat group – also called Ballistic Bobcat, TA453 and Phosphorus – used a previously unseen backdoor malware in the campaign that is known to have hit at least 34 victims operating across a diverse range of business verticals.

Source: SC Magazine