Your Web News in One Place

An Interest In:

Web News this Week

Search Archive

Some of Our Sources

View All Sources

Help Webnuz

Referal links:

Sign up for GreenGeeks web hosting
May 3, 2022 03:20 pm

A Stealthy New Espionage Group is Targeting Corporate Mergers and Acquisitions

A new espionage actor is breaching corporate networks to steal emails from employees involved in big financial transactions like mergers and acquisitions. From a report: Mandiant researchers, which first discovered the advanced persistent threat (APT) group in December 2019 and now tracks it as "UNC3524," says that while the group's corporate targets hint at financial motivation, its longer-than-average dwell time in a victim's environment suggests an intelligence gathering mandate. In some cases, UNC3524 remained undetected in victims' environments for as long as 18 months, versus an average dwell time of 21 days in 2021. Mandiant credits the group's success at achieving such a long dwell time to its unique approach to its use of a novel backdoor -- tracked as "QuietExit" -- on network appliances that do not support antivirus or endpoint detection, such as storage arrays, load balancers and wireless access point controllers. The QuietExit backdoor's command-and-control servers are part of a botnet built by compromising D-Link and LifeSize conference room camera systems, according to Mandiant, which said the compromised devices were likely breached due to the use of default credentials, rather than an exploit.

Read more of this story at Slashdot.


Original Link: https://news.slashdot.org/story/22/05/03/154201/a-stealthy-new-espionage-group-is-targeting-corporate-mergers-and-acquisitions?utm_source=rss1.0mainli

Share this article:    Share on Facebook
View Full Article

Slashdot

Slashdot was originally created in September of 1997 by Rob "CmdrTaco" Malda. Today it is owned by Geeknet, Inc..

More About this Source Visit Slashdot