Asia, Europe targeted by new APT41 attacks

19 July 2024

APT41, also known as Wicked Panda, Barium, and Winnti, exploited Tomcat Apache Manager servers’ web shells to facilitate dropper execution and backdoor distribution before leveraging the DUSTTRAP multi-stage plugin framework to conceal malicious activity, according to a report from Mandiant. Such attacks also involved the usage of a command-line utility to enable Oracle database exfiltration.

Source: SC Magazine

Date:

19 July 2024

Categorie(s):

NEWS

Tag(s):

APT41, Asia, Europe, IT, Threat Intelligence

How macOS Sequoia can help you at work16 September 2024
RansomHub Ransomware Gang Leaks 487GB of Alleged Kawasaki Europe Data16 September 2024
Snowflake slams ‘more MFA’ button again – months after Ticketmaster, Santander breaches16 September 2024
Create security observability using generative AI with Security Lake and Amazon Q in QuickSight16 September 2024
Cyberattacks against manufacturing sector increased 105% in H1 of 202416 September 2024