The Chinese-speaking cyber espionage group IronHusky has ramped up its activities against Mongolian and Russian governmental agencies. By deploying MysterySnail RAT, uncovered during a 2021 investigation into a zero-day flaw, IronHusky uses tactics like DLL sideloading and complex command-and-control communications. The threat actors then execute a variety of commands, such as retrieving a second-stage malicious payload and lure DOCX files from public file storage.

Hackers Actively Exploiting Critical Exchange & SharePoint Server Vulnerabilities
Microsoft has warned that cybercriminals are increasingly exploiting critical vulnerabilities in on-premises Exchange and SharePoint Servers. New techniques like NTLM relay and credential leakage enable