Cybersecurity
_ _ _ 0 Comments

TA402 Uses Complex IronWind Infection Chains to Target Middle East-Based Government Entities  | Proofpoint US

Key takeaways  From July through October 2023, Proofpoint researchers observed TA402 engage in phishing campaigns that delivered a new initial access downloader dubbed IronWind. The downloader was followed by additional stages that consisted of downloaded shellcode.   During the same period, TA402 adjusted its delivery methods, moving from using Dropbox links to using XLL and RAR […]

LEARN MORE 1