From Albania to the Middle East: The Scarred Manticore is Listening
Oct. 31, 2023, 11:01 a.m. | MalBot
Malware Analysis, News and Indicators - Latest topics malware.news
Key Findings
- Check Point Research (CPR) is monitoring an ongoing Iranian espionage campaign by Scarred Manticore, an actor affiliated with the Ministry of Intelligence and Security (MOIS).
- The attacks rely on LIONTAIL, an advanced passive malware framework installed on Windows servers. For stealth purposes, LIONTAIL implants utilize direct calls to the Windows HTTP stack driver HTTP.sys to load memory-resident payloads.
- As part of mutual efforts with Sygnia's Incident Response team, multiple forensics tools and techniques were leveraged to …