Recherche : [Smuggling]

Stealthy Attributes of APT Lazarus: Evading Detection with Extended Attributes https://www.group-ib.com/blog/stealthy-attributes-of-apt-lazarus/

14/11/2024 00:02:10

APT Lazarus has begun attempting to smuggle code using custom extended attributes.

Extended attributes are metadata that can be associated with files and directories in various file systems. They allow users to store additional information about a file beyond the standard attributes like file size, timestamps, and permissions.

Compromising F5 BIGIP with Request Smuggling | CVE-2023-46747 https://www.praetorian.com/blog/refresh-compromising-f5-big-ip-with-request-smuggling-cve-2023-46747/

27/10/2023 13:43:18

Our team identified a request smuggling vulnerability that led to complete compromise of an F5 system with the TMUI exposed.

Chinese Threat Actors Targeting Europe in SmugX Campaign https://research.checkpoint.com/2023/chinese-threat-actors-targeting-europe-in-smugx-campaign/

03/07/2023 21:47:15

In the last couple of months, Check Point Research (CPR) has been tracking the activity of a Chinese threat actor targeting Foreign Affairs ministries and embassies in Europe. Combined with other Chinese activity previously reported by Check Point Research, this represents a larger trend within the Chinese ecosystem, pointing to a shift to targeting European entities, with a focus on their foreign policy.

The activity described in this report, utilizes HTML Smuggling to target governmental entities in Eastern Europe. This specific campaign has been active since at least December 2022, and is likely a direct continuation of a previously reported campaign attributed to RedDelta (and also to Mustang Panda, to some extent).

Liens par page

Filtres