New DarkHotel APT attack chain identified
This attack chain is attributed to the Dark Hotel APT group with a high level of confidence due to the below reasons:
1. The multi-layer malicious document which drops a scriptlet post-exploitation.
2. Filename of the dropped file system artifacts such as the scriptlet file - googleofficechk.sct
3. The command-and-control (C2) commands are the same as earlier payloads used by Dark Hotel.
4. Timestamps of the dropped payloads are around the same timeframe when previously documented Dark Hotel APT activity was observed.
Featured Resources
blog
Exploitable Vulnerabilities: Prioritize What Poses Real Risk
Not all cybersecurity vulnerabilities are created equal. While Common Vulnerability Scoring System (CVSS) scores are useful indicators of severity, they
blog
NIST Compliance Checklist: A Practical Guide to Cybersecurity Alignment
Threats are everywhere in digital business. As such, regulatory alignment can’t just be a best practice. It’s time for a
Report
On the Radar: Why Cymulate Leads in Exposure Management
In this exclusive “On the Radar” report, Omdia highlights how Cymulate has positioned itself as a leading provider of exposure