TechNaduSep 6, 2025

🚨 GhostRedirector campaign revealed 🚨
ESET reports a China-aligned group hijacked 65+ Windows servers with two new backdoors:
🔧 Rungan — remote command execution
🔧 Gamshen — manipulates SEO to push gambling sites
Targets span healthcare, retail, education, and more. Risk: reputational damage & server persistence.
🔒 Follow @technadu for continuous #infosec coverage.

#CyberSecurity #SEO #WindowsServers

Rene RobichaudSep 4, 2025

GhostRedirector Hacks 65 Windows Servers Using Rungan Backdoor and Gamshen IIS Module
https://thehackernews.com/2025/09/ghostredirector-hacks-65-windows.html

#Infosec #Security #Cybersecurity #CeptBiro #GhostRedirector #WindowsServers #Rungan #Backdoor #Gamshen #IISModule

GhostRedirector Hacks 65 Windows Servers Using Rungan Backdoor and Gamshen IIS Module

GhostRedirector compromised 65 Windows servers since Aug 2024 using Rungan and Gamshen malware, driving SEO fraud.

The Hacker News
Geekmaster 👽Jan 10, 2025

All #sysadmins should review this article and the #CVE reports. Ensure ALL of your #domaincontrollers (at a minimum) and #WindowsServers are fully patched to prevent this vulnerability from being exploited. No one wants an #LDAP #DoS situation. What a nightmare that would be.

#StayCyberAware #BeCyberSafe

https://www.darkreading.com/vulnerabilities-threats/active-directory-flaw-can-crash-any-microsoft-server-connected-to-the-internet

Active Directory Flaw Can Crash Any Microsoft Server

Windows servers are vulnerable to a dangerous LDAP vulnerability that could be used to crash multiple servers at once and should be patched immediately.