4 matches found
New Threat Cluster OP-512 Targets Microsoft IIS Servers with Custom Web Shell Framework
Cybersecurity researchers have discovered a previously unreported threat cluster dubbed OP-512 where "OP" stands for "opponent" that has been observed targeting Microsoft Internet Information Services IIS servers to deploy a bespoke web shell framework. ReliaQuest has assessed with moderate to hi...
Stompy - Timestomp Tool To Flatten MAC Times With A Specific Timestamp
A PowerShell function to perform timestomping on specified files and directories. The function can modify timestamps recursively for all files in a directory. Change timestamps for individual files or directories. Recursively apply timestamps to all files in a directory. Option to use specific...
Lazarus Group Exploits Zero-Day Vulnerability to Hack South Korean Financial Entity
The North Korea-linked Lazarus Group has been observed weaponizing flaws in an undisclosed software to breach a financial business entity in South Korea twice within a span of a year. While the first attack in May 2022 entailed the use of a vulnerable version of a certificate software that's wide...
Here’s a Simple Script to Detect the Stealthy Nation-State BPFDoor
In this blog, the Qualys Research Team explains the mechanics of a Linux malware variant named BPFdoor. We then demonstrate the efficacy of Qualys Custom Assessment and Remediation to detect it, and Qualys Multi-Vector EDR to protect against it. BPFDoor is a Linux/Unix backdoor that allows threat...