cognitive cybersecurity intelligence

News and Analysis

Search

GuidePoint warns of Python backdoor used in ransomware

GuidePoint Security identified a threat actor using a Python-based backdoor to persistently access breached endpoints and release RansomHub encryptors across compromised networks. The backdoor was first documented by ReliaQuest in February 2024, with GuidePoint noting updates in a later version. The Python backdoor forms a cornerstone of the command-and-control infrastructure, facilitating strong lateral movement and indicating a high coding proficiency or AI-assisted coding. Ransomware affiliates continue to exploit such backdoors.

Source: securitybrief.com.au –

Subscribe to newsletter

Subscribe to HEAL Security Dispatch for the latest healthcare cybersecurity news and analysis.

More Posts

How to Root Out Malicious Employees

Insider threats pose one of the largest security risks to organizations, and often go unnoticed or unaddressed. Malicious and negligent employees can commit devastating acts,