PT-2024-12933 · Undefined · Undefined
OSINT CTI Qlik Sense Users - Adversary Tactics: - Initial Access: CVE-2023-41266, CVE-2023-41265 - RMMs: ManageEngine UEMS, Zoho Assist, DWAgent - Lateral Mov: RDP & PuTTY Link - Exfil: WizTree & Rclone - Impact: Cactus Ransomware https://t.co/gt0dhuFniS...
Pack it Secretly: Earth Preta’s Updated Stealthy Strategies
After months of investigation, we found that several undisclosed malware and interesting tools used for exfiltration purposes were being used by Earth Preta. We also observed that the threat actors were actively changing their tools, tactics, and procedures (TTPs) to bypass security solutions. In...