SiestaGraph And DoorMe Backdoors Used To Target ASEAN Member Foreign Ministry
Multiple threat actors are suspected to be behind attacks focused on the Foreign Affairs office of an ASEAN member.
The adversaries likely took advantage of a flaw in an Internet facing Microsoft Exchange server for initial access.
The DoorMe and SiestaGraph backdoors along with a Cobalt Strike beacon and multiple Windows binaries were used for lateral movement, exfiltrate sensitive data, and perform reconnaissance.
Featured Resources
blog
Get Ready to Get MCPwned — Cymulate’s Elite CTF on Securing the Model Context Protocol
When AI agents meet the real world, every protocol becomes a potential attack vector. That’s the big idea behind MCPwned,
CUSTOMERS
How a Retail Organization Became 12x Faster at Assessing Security Controls with Cymulate
Challenge This retail organization has a presence in 34 countries and over 5,800 stores. Its security team uses various controls
blog
Ransomware Detection Techniques: A Smarter Approach to Staying Ahead of Attacks
Ransomware attacks continue to rise in both volume and sophistication, crippling organizations, exfiltrating sensitive data and costing billions annually in