Found 2 bookmarks
Custom sorting
RansomHub Affiliate leverages Python-based backdoor
RansomHub Affiliate leverages Python-based backdoor
In an incident response in Q4 of 2024, GuidePoint Security identified evidence of a threat actor utilizing a Python-based backdoor to maintain access to compromised endpoints. The threat actor later leveraged this access to deploy RansomHub encryptors throughout the entire impacted network. ReliaQuest documented an earlier version of this malware on their website in February 2024.
#guidepointsecurity#EN#2025#incident-response#Python-based#backdoor#ransomware#RansomHub#SocGholish#FakeUpdate
·guidepointsecurity.com·
RansomHub Affiliate leverages Python-based backdoor
Backdooring Your Backdoors - Another $20 Domain, More Governments
Backdooring Your Backdoors - Another $20 Domain, More Governments
After the excitement of our .MOBI research, we were left twiddling our thumbs. As you may recall, in 2024, we demonstrated the impact of an unregistered domain when we subverted the TLS/SSL CA process for verifying domain ownership to give ourselves the ability to issue valid and trusted TLS/
#watchtowr#EN#2025#backdoor#infrastructure#abandoned#access#analysis#hack#research#hackback
·labs.watchtowr.com·
Backdooring Your Backdoors - Another $20 Domain, More Governments