TLP TLP TLP CLEAR Author David Deflache, Sebastien Tricaud Summary This week, we share data from another attack being exploited. In mid-Autumn 2021, Kaspersky experts uncovered a ShadowPad malware campaign targeting a national telecom company in Pakistan. The attack, presumed to have begun in winter 2021, exploited MS Exchange vulnerability (CVE-2021-26855) to install a Cobalt…
TLP TLP TLP CLEAR Author David Deflache, Sebastien Tricaud Summary This week, we share data from another attack being exploited. In August 2022, analysts uncovered a cyber attack on a government-run Indonesian company by the APT group GhostEmperor. Known since 2021, GhostEmperor specializes in cyberespionage across sectors, employing tactics such as phishing, software exploits, and…
TLP TLP TLP CLEAR Author David Deflache, Sebastien Tricaud Summary In 2022, a targeted cyberattack employing the WebDav-O malware was identified against a Russian government agency. This malicious activity, linked to the CoughingDown group, spanned back to 2018 and targeted government entities in Belarus. The campaign involved the discovery of multiple WebDav-O variants, with observed…
End of content
End of content
