SecBoard
Zurück zur Übersicht
ManagerRed-TeamerBehördenNetworkAD & Identity

Cloud Atlas activity in the second half of 2025 and early 2026: new tools and a new payload

Securelist·
Originalartikel lesen bei Securelist

The experienced Cloud Atlas group remains active, continuing to target government sectors and diplomatic entities in Russia and Belarus, employing both new and established techniques to maintain persistence in compromised systems.

MITRE ATT&CK Kill Chain (14 Techniken)

Reconnaissance
T1589.001

Credentials

T1592.002

Software

Resource Development
T1583.001

Domains

T1583.004

Server

T1584.001

Domains

T1584.004

Server

T1587.001

Malware

T1588.001

Malware

Initial Access
T1566

Phishing

Execution
T1053.005

Scheduled Task

T1059.001

PowerShell

T1059.006

Python

Credential Access
T1558.003

Kerberoasting

Command & Control
T1090

Proxy

Themen
APT reportsMalware TechnologiesMicrosoft WindowsTargeted attacksMalware DescriptionsPhishingAPTBackdoorPowerShellSSH
Vollständigen Artikel lesen bei Securelist

Verwandte Artikel

New AI DDoS Attacks Are Smarter. Learn How to Fight Back in This Webinar

The Hacker News·vor etwa 9 Stunden

CISA orders feds to patch actively exploited Drupal vulnerability

BleepingComputer·vor etwa 12 Stunden

Jetzt patchen! Angreifer nutzen kritische Schadcode-Lücke in Drupal aus

heise Security·vor etwa 12 Stunden

Ghost CMS Vulnerability Exploited to Hack Over 700 Websites

SecurityWeek·vor 1 Tag

Lazarus Deploys RemotePE Memory-Only RAT Against Financial and Crypto Firms

The Hacker News·vor 1 Tag