Как одно письмо лишило школы Теннесси соцпрограммы.
1 час назад @ securitylab.ruPeach Sandstorm attack chainIntelligence gathering on LinkedInGoing back to at least November 2021 and continuing through mid-2024, Microsoft observed Peach Sandstorm using multiple LinkedIn profiles masquerading as students, developers, and talent acquisition managers based in the US and Western Europe.
Tickler malwareMicrosoft Threat Intelligence identified two samples of the Tickler malware, a custom multi-stage backdoor, that Peach Sandstorm deployed in compromised environments as recently as July 2024.
Network information collected by Tickler after deployment on target hostWe subsequently observed Peach Sandstorm iterating and improving on this initial sample.
]netTickler samples and r…
2 weeks, 4 days назад @ microsoft.com