Windows Management Instrumentation (WMI)

From Cyber Security News – Lotus Blossom APT Exploits WMI for Post-Exploitation Activities

The Lotus Blossom Advanced Persistent Threat (APT) group, also known as Lotus Panda, Billbug, and Spring Dragon, has intensified its cyberespionage efforts with new variants of the Sagerunex backdoor. These…

shaikh Saqib March 29, 2025

News

From The Hacker News – Chinese-Linked Attackers Exploit Check Point Flaw to Deploy ShadowPad and Ransomware

A previously unknown threat activity cluster targeted European organizations, particularly those in the healthcare sector, to deploy PlugX and its successor, ShadowPad, with the intrusions ultimately leading to deployment of a ransomware called NailaoLocker in some cases. The campaign, codenamed Green Nailao by Orange Cyberdefense CERT, involved the exploitation of a new-patched security flaw

shaikh Saqib February 20, 2025