all InfoSec news
Analysis of Attack Case Installing SoftEther VPN on Korean ERP Server
Malware Analysis, News and Indicators - Latest topics malware.news
AhnLab SEcurity intelligence Center (ASEC) has recently discovered an attack case where a threat actor attacked the ERP server of a Korean corporation and installed a VPN server. In the initial compromise process, the threat actor attacked the MS-SQL service and later installed a web shell to maintain persistence and control the infected system. They then ultimately installed SoftEther VPN to utilize the infected system as a VPN server.
1. Proxy and VPN Services
Proxy and VPN are technologies that …
actor ahnlab analysis asec attack case center compromise erp intelligence malware analysis ms-sql persistence process security security intelligence server service shell softether sql threat threat actor vpn vpn server web web shell