SiestaGraph And DoorMe Backdoors Used To Target ASEAN Member Foreign Ministry

December 21, 2022

Multiple threat actors are suspected to be behind attacks focused on the Foreign Affairs office of an ASEAN member. The adversaries likely took advantage of a flaw in an Internet facing Microsoft Exchange server for initial access. The DoorMe and SiestaGraph backdoors along with a Cobalt Strike beacon and multiple Windows binaries were used for lateral movement, exfiltrate sensitive data, and perform reconnaissance.

Featured Resources

View More Resources

blog

Shai-Hulud 2.0: NPM Supply Chain Attack Exposes the SDLC's Weakest Link

Idan Sherman, Security Researcher Executive summary The "Shai-Hulud" supply chain campaign has returned, striking harder and smarter than before. This

blog

Top 5 Must-Have Features in an Exposure Management Platform

Security teams are under growing pressure to reduce risk faster and prove resilience continuously. Attack surfaces expand with every new

Solution Brief

Continuous Wiz Validation and Optimization

Make CTEM actionable with continuous threat validation that proves and improves your real-world resilience.

SiestaGraph And DoorMe Backdoors Used To Target ASEAN Member Foreign Ministry

Featured Resources

Shai-Hulud 2.0: NPM Supply Chain Attack Exposes the SDLC's Weakest Link

Top 5 Must-Have Features in an Exposure Management Platform

<img width="169" height="102" src="https://cymulate.com/uploaded-files/2023/08/Wiz-Defend_Certified-Integration-1.svg" alt="" class="kb-img wp-image-31752"/> Continuous Wiz Validation and Optimization

Continuous Wiz Validation and Optimization