That is according to threat researchers at Mandiant, who are tracking this activity and have identified two clusters – it designates these as UNC3004 and UNC2652 – both of which appear to be associated with SolarWinds’ tormentors, UNC2452, also known as Nobelium, although there is insufficient evidence to confirm this is the case.

“In most instances, post-compromise activity included theft of data relevant to Russian interests,” said the researchers in a newly published disclosure notice.

“In some instances, the data theft appears to be obtained primarily to create new routes to access other victim environments. The threat actors continue to innovate and identify new techniques and tradecraft to maintain persistent access to victim environments, hinder detection and confuse attribution efforts.”