Cybersecurity

New Zardoor backdoor used in long-term cyber espionage operation targeting an Islamic organization

By Jungsoo An, Wayne Lee and Vanja Svajcer. Cisco Talos discovered a new, stealthy espionage campaign that has likely persisted since at least March 2021. The observed activity affects an Islamic non-profit organization using backdoors for a previously unreported malware family we have named “Zardoor.” We believe an advanced threat actor is carrying out this […]

Cybersecurity

A Look at the Nim-based Campaign Using Microsoft Word Docs to Impersonate the Nepali Government

Summary: Threat actors often employ stealthy attack techniques to elude detection and stay under the defender’s radar. One way they do so is by using uncommon programming languages to develop malware. Using an uncommon programming language to develop malware provides several benefits, including: evading some signature-based detections; impeding analysis by malware analysts that are […]

Cybersecurity

Alert: ‘Effluence’ Backdoor Persists Despite Patching Atlassian Confluence Servers

Nov 10, 2023NewsroomCyber Attack / Threat Intelligence Cybersecurity researchers have discovered a stealthy backdoor named Effluence that’s deployed following the successful exploitation of a recently disclosed security flaw in Atlassian Confluence Data Center and Server. “The malware acts as a persistent backdoor and is not remediated by applying patches to Confluence,” Aon’s Stroz Friedberg Incident […]
