Kaspersky researchers have discovered new variants of the Eagerbee backdoor targeting ISPs and government entities in the Middle East. New attack components include a service injector for backdoor deployment and plugins for payload delivery, system access, and remote control. The malware gathers system information and supports SSL/TLS protocols. The orchestrator injects itself and sends commands to execute via plugins. The backdoor is linked with medium confidence to the CoughingDown threat group.

Warning issued over ‘fast flux’ techniques used to obscure malicious signals on compromised networks
Law enforcement agencies have warned that organizations face a common network vulnerability that allows hackers to dodge detection and distribute malicious software indiscriminately. Referred to