all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Rare Backdoors Suspected to be Tied to Gelsemium APT Found in Targeted Attack in Southeast Asian Government

Add to bookmarks
Sept. 22, 2023, 1:05 p.m. | Lior Rochberger, Tom Fakterman and Robert Falcone

Unit42 unit42.paloaltonetworks.com

Threat activity targeting a Southeast Asian government could provide insight into the workings of APT Gelsemium. We examine the rare TTPs we observed in two attacks.


The post Rare Backdoors Suspected to be Tied to Gelsemium APT Found in Targeted Attack in Southeast Asian Government appeared first on Unit 42.

advanced url filtering apt attack attacks backdoor backdoors behavioral threat protection china chopper cl-sta-0046 cortex xdr cortex xsiam dns security found gelsemium government insight targeted attack targeting threat threat actors ttps web shells wildfire

Visit resource

More from unit42.paloaltonetworks.com / Unit42

Threat Brief: Operation MidnightEclipse, Post-Exploitation Activity Related to CVE-2024-3400 2 weeks, 1 day ago | unit42.paloaltonetworks.com
campaign command command injection cve +13
Muddled Libra’s Evolution to the Cloud 2 weeks, 4 days ago | unit42.paloaltonetworks.com
amp applications att aws +17
It Was Not Me! Malware-Initiated Vulnerability Scanning Is on the Rise 2 weeks, 5 days ago | unit42.paloaltonetworks.com
advanced threat prevention advanced url filtering advanced wildfire attacks +14
Threat Brief: Vulnerability in XZ Utils Data Compression Library Impacting Multiple Linux Distributions (CVE-2024-3094) 4 weeks ago | unit42.paloaltonetworks.com
compression cortex xdr cortex xsiam cve +17
Exposing a New BOLA Vulnerability in Grafana 1 month ago | unit42.paloaltonetworks.com
advanced url filtering api api attacks authorization +19
ASEAN Entities in the Spotlight: Chinese APT Group Targeting 1 month ago | unit42.paloaltonetworks.com
actions advanced persistent threat advanced url filtering apac +20
Large-Scale StrelaStealer Campaign in Early 2024 1 month ago | unit42.paloaltonetworks.com
advanced threat protection advanced wildfire campaign campaigns +16
Curious Serpens’ FalseFont Backdoor: Technical Analysis, Detection and Prevention 1 month ago | unit42.paloaltonetworks.com
advanced threat prevention advanced url filtering advanced wildfire aerospace +25
Unit 42 Collaborative Research With Ukraine’s Cyber Agency To Uncover the Smoke Loader Backdoor 1 month, 1 week ago | unit42.paloaltonetworks.com
advanced threat prevention advanced url filtering advanced wildfire agency +21

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

SOC 2 Manager, Audit and Certification

@ Deloitte | US and CA Multiple Locations
View on infosec-jobs.com

Associate Principal Security Engineer

@ Activision Blizzard | Work from Home - CA
View on infosec-jobs.com

Security Engineer- Systems Integration

@ Meta | Bellevue, WA | Menlo Park, CA | New York City
View on infosec-jobs.com

Lead Security Engineer (Digital Forensic and IR Analyst)

@ Blue Yonder | Hyderabad
View on infosec-jobs.com

Senior Principal IAM Engineering Program Manager Cybersecurity

@ Providence | Redmond, WA, United States
View on infosec-jobs.com

Information Security Analyst II or III

@ Entergy | The Woodlands, Texas, United States
View on infosec-jobs.com
View more jobs