The Chinese advanced persistent threat operation Gelsemium has been trying to infiltrate Linux systems with a new backdoor, Wolfsbane. It initiates the attack with a ‘cron’ dropper and alters user configuration files before deploying privacy malware, according to a report by ESET. This attack method indicates that threat actors are shifting their focus towards exploiting vulnerabilities in internet-facing systems, many of which run on Linux.
Spies hack Wi-Fi networks in far-off land to launch attack on target next door
GruesomeLarch, an advanced persistent threat group, compromised several account passwords on a web service platform using credential-stuffing attacks. However, two-factor authentication prevented actual account breaches.