Get a Pentest and security assessment of your IT network.

News

Lemon Duck spreads its wings: Actors target Microsoft Exchange servers, incorporate new TTPs

Cisco Talos has observed updated infrastructure and new components associated with the Lemon Duck cryptocurrency mining botnet that target unpatched Microsoft Exchange Servers and attempt to download and execute payloads for Cobalt Strike DNS beacons. The use of fake domains on East Asian top-level domains (TLDs) masks connections to the actual command and control (C2) infrastructure used in these campaigns. This activity reflects updated tactics, techniques, and procedures (TTPs) associated with this threat actor.”]

Source: https://blog.talosintelligence.com/2021/05/lemon-duck-spreads-wings.html

Related posts
News

Ashley Madison 2.0 Hackers Leak 20GB Data Dump, Including CEO's Emails

News

Art of Twitter account hacking

News

Botnet authors use Evernote account as C&C Server

News

Canadian agency breached as hackers exploit CVE-2017-5638 flaw in Apache Struts 2