South Korean ERP Vendor’s Server Hacked to Spread Xctdoor Malware

South Korean ERP Vendor’s Server Hacked to Spread Xctdoor Malware

/in

An unnamed South Korean enterprise resource planning (ERP) vendor’s product update server has been found to be compromised to deliver a Go-based backdoor dubbed Xctdoor.
The AhnLab Security Intelligence Center (ASEC), which identified the attack in May 2024, did not attribute it to a known threat actor or group, but noted that the tactics overlap with that of Andariel, a sub-cluster within the

The Hacker News – ​Read More

Israeli Entities Targeted by Cyberattack Using Donut and Sliver FrameworksIsraeli Entities Targeted by Cyberattack Using Donut and Sliver FrameworksSouth Africa National Healthcare Lab Still Reeling from Ransomware AttackSouth Africa National Healthcare Lab Still Reeling from Ransomware Attack