APT组织UNC2970利用木马化PDF阅读器进行复杂网络攻击——每周威胁情报动态第193期(09.13-09.19)
APT组织Lazarus 在Rootkit(获取内核权限)攻击中使用了微软的0day漏洞;APT组织Kimsuky利用软件公司产品安装程序进行伪装展开攻击;NoName057(16)组织DDoSia项目持续更新;
A botnet operated by the Chinese state-sponsored threat actor known as Flax Typhoon has been disrupted by the law enforcement agency and abandoned by the group, FBI Director Chris Wray confirmed on Wednesday. “We executed court-authorized operations to take control of the botnet’s infrastructure. When the bad guys realized what was happening, they tried to migrate their bots to new servers and even conducted a distributed denial-of-service attack against us,” he told the audience at … More →
The post FBI forced Flax Typhoon to abandon its botnet appeared first on Help Net Security.