A recent surge in ransomware attacks is targeting Windows system administrators through deceptive online advertisements promoting fake download sites for popular utilities like PuTTY and WinSCP. These malicious campaigns exploit the higher privileges of system administrators to infiltrate networks, steal data, and deploy ransomware. WinSCP, an SFTP and FTP client, and PuTTY, an SSH client, […]
Recent investigations unveil the increasingly sophisticated methods employed by the Advanced Persistent Threat (APT) group ToddyCat. This report details their techniques for hijacking network infrastructure and exfiltrating sensitive data from government organizations across the Asia-Pacific region. Previously known for utilizing data collection and exfiltration tools, ToddyCat has demonstrably enhanced its capabilities by integrating advanced traffic […]