CyberNetsecIODec 15

📰 xHunt Espionage Group Returns, Targeting Kuwait with New PowerShell Backdoors

Cyber-espionage group xHunt is back, targeting Kuwaiti government & shipping sectors. Attackers exploit Exchange/IIS servers to deploy custom PowerShell backdoors like 'Hisoka' for long-term intelligence gathering. 🕵️‍♂️ #xHunt #CyberEspionage #Thr...

🔗 https://cyber.netsecops.io/articles/xhunt-cyber-espionage-group-resurfaces-targeting-kuwaiti-organizations/?utm_source=mastodon&utm_mediu…

xHunt Espionage Group Returns, Targeting Kuwait with New PowerShell Backdoors

The cyber-espionage group xHunt has resurfaced with a new campaign targeting Kuwaiti organizations in government and shipping, using custom PowerShell backdoors after compromising Exchange and IIS servers.

CyberNetSec.io
TechNaduNov 11

xHunt APT campaign targets Kuwait using Exchange & IIS exploits.
Custom PowerShell backdoors like Hisoka & TriFive enable stealth C2 via email drafts.
https://www.technadu.com/xhunt-apt-group-spies-on-kuwait-leveraging-microsoft-exchange-iis-and-custom-backdoors/613022/

#CyberSecurity #APT #xHunt #Kuwait #ExchangeServer

🖱🛠👉👕👈 SOSOrdinet 🎣🖥️🐛 🗞️Nov 11, 2020

#ExchangeWebServices : depuis au moins le 22 Août 2019, la campagne #xHunt cible une organisation gouvernementale du #Koweït !

https://blog.sosordi.net/2020/11/exchange-web-services-depuis-au-moins-le-22-aout-2019-la-campagne-xhunt-cible-une-organisation-gouvernementale-du-koweit.html

#securite #DNS #mail #TriFive #Snugy #Cashy200

Exchange Web Services : depuis au moins le 22 Août 2019, la campagne xHunt cible une organisation gouvernementale du Koweït ! | SOSOrdi.net

SOSOrdi.net
SecurityLabNov 10, 2020
Хакеры из xHunt вооружились новыми PowerShell-бэкдорами #xHunt, #TriFive, #Snugy https://www.securitylab.ru/news/513874.php https://twitter.com/SecurityLabnews/status/1326092242038173696/photo/1
Хакеры из xHunt вооружились новыми PowerShell-бэкдорами

Бэкдоры TriFive и Snugy использовали скрытые каналы для связи с C&C-сервером злоумышленников.

ITSEC NewsNov 9, 2020
Microsoft Exchange Attack Exposes New xHunt Backdoors - An attack on the Microsoft Exchange server of an organization in Kuwait revealed two never-before-... https://threatpost.com/microsoft-exchange-attack-xhunt-backdoors/161041/ #microsoftexchangeserverattack #microsoftexchange #xhuntthreatgroup #vulnerabilities #cloudsecurity #powershell #microsoft #backdoor #cashy200 #w3sp.exe #malware #trifive #kuwait #hacks #snugy #xhunt
Microsoft Exchange Attack Exposes New xHunt Backdoors

An attack on the Microsoft Exchange server of an organization in Kuwait revealed two never-before-seen Powershell backdoors.

Threatpost - English - Global - threatpost.com