A sophisticated threat actor carried out a series of highly targeted attacks against Australian companies and government institutions last year and it’s possible that they are now carrying out a similar campaign against US companies, utilizing almost exclusively memory-resident malware.
Sygnia researchers claimed this week that they have observed attacks with all the hallmarks of the Australian campaign targeting high-profile public and private organizations in the United States. The threat actor, dubbed Praying Mantis or TG2021 by Sygnia, has been exploiting Windows Internet Information Services (IIS) environments and Web applications to obtain initial access to target networks, according to Sygnia.
To Read More: Darkreading
For more such updates follow us on Google News ITsecuritywire News.