Security researchers are investigating a sophisticated malware attack that uses a combination of techniques, including geofencing and multi-layered obfuscation, to deploy different types of malware based on a victim’s geographical location. US-based victims are targeted with the XWorm Remote Access Trojan, while victims outside the US are targeted with the Rhadamanthys information stealer. The hackers initiate the attack chain through scheduled tasks or fake CAPTCHAs.
Hackers Actively Exploiting Critical Exchange & SharePoint Server Vulnerabilities
Microsoft has warned that cybercriminals are increasingly exploiting critical vulnerabilities in on-premises Exchange and SharePoint Servers. New techniques like NTLM relay and credential leakage enable
