HiatusRAT Targets SOHO Routers
Business grade routers are being infected with the HiatusRAT Remote Access Trojan a variant of tcpdump to perform packing capturing and a bash script deployed post-exploitation.
The malicious software opens a listener on port 8816 and sends sensitive information to command-and-control servers.
Data collected includes system network and file information as well as information about the running processes on the infected device.
Featured Resources
blog
How Cymulate Supports Hong Kong's 2025 Protection of Critical Infrastructure Ordinance
In March 2025, Hong Kong's Protection of Critical Infrastructure (Computer System) Ordinance was enacted and will go into effect in
blog
Reducing Attack Surface with Exposure Management and Attack Path Discovery
Key Takeaways Every new endpoint, cloud workload and third-party connection expands an organization’s attack surface. In simple terms, this
Report
Strategic Roadmap for Continuous Threat Exposure Management
This Gartner® report guides CISOs from traditional vulnerability management to a dynamic CTEM program.