Researchers have discovered a new, fully functional backdoor that uses Telegram as its command-and-control (C2) channel. The malware performs an initial self-installation, then monitors Telegram channels for incoming commands; it supports four commands for carrying out various actions, three of which have been fully implemented. Because the C2 traffic blends in with legitimate use of cloud applications such as Telegram, detection is harder, which poses a significant challenge for defenders.
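The detection problem described above, as an added example that is not part of the original report or any analysed sample: the C2 traffic looks like ordinary Telegram use, so one defensive check is to look for hosts whose non-messenger, non-browser processes call the Telegram Bot API (assumed here, from Telegram's public documentation, to be `api.telegram.org` with `/bot<token>/<method>` URIs). The log format, host names, process names and the `EXPECTED_CLIENTS` allow-list are constructed assumptions for the example.

```python
"""Flag processes that poll the Telegram Bot API but are not expected Telegram or
browser clients. Added detection sketch; all log lines below are constructed."""
import re
from dataclasses import dataclass

# Assumptions: the Bot API host is api.telegram.org (public Telegram docs), and
# only these process names are expected to reach it from a managed workstation.
TELEGRAM_API_HOST = "api.telegram.org"
EXPECTED_CLIENTS = {"telegram.exe", "chrome.exe", "firefox.exe", "msedge.exe"}

# Constructed sample proxy/EDR lines: "<timestamp> <host> <process> <dst_host> <uri>".
# "<token>" stands in for a bot token and is a placeholder, not a real value.
SAMPLE_LOGS = """\
2024-05-01T10:00:01Z ws-12 chrome.exe web.telegram.org /k/
2024-05-01T10:00:05Z ws-12 svchost_updater.exe api.telegram.org /bot<token>/getUpdates
2024-05-01T10:01:05Z ws-12 svchost_updater.exe api.telegram.org /bot<token>/getUpdates
2024-05-01T10:02:07Z ws-07 telegram.exe api.telegram.org /bot<token>/getMe
2024-05-01T10:03:00Z ws-12 svchost_updater.exe api.telegram.org /bot<token>/sendDocument
"""

LOG_RE = re.compile(r"^(?P<ts>\S+) (?P<host>\S+) (?P<proc>\S+) (?P<dst>\S+) (?P<uri>\S+)$")


@dataclass(frozen=True)
class Finding:
    host: str
    process: str
    bot_api_calls: int      # how many Bot API requests this process made
    methods: tuple          # distinct Bot API methods seen, sorted (e.g. getUpdates)


def parse(lines):
    """Yield one dict per well-formed log line; malformed lines are skipped."""
    for line in lines.splitlines():
        m = LOG_RE.match(line)
        if m:
            yield m.groupdict()


def bot_method(uri):
    """Return the Bot API method name from a /bot<token>/<method> URI, else None."""
    m = re.match(r"^/bot[^/]+/([A-Za-z]+)", uri)
    return m.group(1) if m else None


def find_suspicious(lines):
    """Group Bot API calls by (host, process) and report those not on the allow-list.

    A process that repeatedly calls getUpdates is polling a bot for new messages,
    which is exactly how a Telegram-based backdoor would wait for commands.
    """
    hits = {}
    for rec in parse(lines):
        if rec["dst"].lower() != TELEGRAM_API_HOST:
            continue                       # not the Bot API; ordinary web use
        if rec["proc"].lower() in EXPECTED_CLIENTS:
            continue                       # messenger/browser clients are expected
        key = (rec["host"], rec["proc"])
        calls, methods = hits.get(key, (0, set()))
        meth = bot_method(rec["uri"])
        if meth:
            methods.add(meth)
        hits[key] = (calls + 1, methods)
    return [Finding(h, p, c, tuple(sorted(m)))
            for (h, p), (c, m) in sorted(hits.items())]


if __name__ == "__main__":
    for f in find_suspicious(SAMPLE_LOGS):
        print(f"{f.host}: {f.process} made {f.bot_api_calls} Bot API calls "
              f"({', '.join(f.methods)})")
```

On the constructed sample this reports a single finding for `ws-12`, where an unexpected process polls `getUpdates` twice and then calls `sendDocument`; the browser session to `web.telegram.org` and the real messenger client on `ws-07` are ignored. In a real deployment the allow-list would come from the organisation's software inventory and the same grouping could run over proxy, DNS or EDR network telemetry.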

Threat Actors Leveraging RDP Credentials to Deploy Cephalus Ransomware
A newly identified ransomware group, Cephalus, has emerged as a significant threat to organizations worldwide, exploiting stolen Remote Desktop Protocol (RDP) credentials to gain access
