top of page
Search
Writer's pictureStormsec

Cranefly: Threat Actor Uses Previously Unseen Techniques and Tools in Stealthy Campaign

Symantec researchers have discovered a novel technique of reading commands from IIS logs to install backdoors and other tools in a stealthy campaign against large companies and high-profile technology firms in the US.




ADVERSARY: UNC3524


MALWARE FAMILY: ReGeorg


ATT&CK IDS: T1566 - Phishing, T1102 - Web Service, T1562 - Impair Defenses, T1572 - Protocol Tunneling


Read More:

1 view

Comments


Commenting has been turned off.
bottom of page