Iranian MuddyWater cyber-espionage group added new attack vectors to use as part of hacking campaigns targeting telecommunication and governmental organizations. The advanced persistent threat (APT) group or government-backed hacking group had screenshots of their server backends and one of their command-and-control (C2) server’s codebase leaked via a Telegram channel during early-May. The ones designed to exploit CVE-2017-0199 “were identified by only three antivirus engines
Source: security