Russia-linked Turla APT uses new TinyTurla-NG backdoor to spy on Polish NGOs
Security Affairs
FEBRUARY 16, 2024
Threat actors compromised the websites running vulnerable versions of the popular CMS, including 4.4.20, 5.0.21, 5.1.18 The attackers uploaded PHP files containing the C2 code consisting of names such as: rss-old[.]php, killme” : Create a BAT file (see below) with a name based on the current tick count.
Let's personalize your content