TA471 Targets Ukrainian Government Websites With Malware (CERT-UA6060)
The TA471 threat group also known as Ember Bear Lorec53 and UAC-0056 targeted Ukrainian government websites.
The operation used custom backdoors web shells and tunneling tools including CredPump HoaxPen HoaxApe Ngrok and Gost to carry out the infection process.
Featured Resources
blog
Task Scheduler– New Vulnerabilities for schtasks.exe
Introduction The schtasks.exe binary is a core component of the Task Scheduler Service in Windows, enabling users to schedule and
Solution Brief
Detection Engineering
Early Detection is Critical to Stopping Cyber Attacks Threat actors often move across IT networks and cloud environments, evolving tactics
blog
Path Traversal Vulnerability in AWS SSM Agent's Plugin ID Validation
Introduction The AWS Systems Manager (SSM) Agent is a core component of Amazon Web Services management and automation capabilities, enabling