Earth Baku, tied to APT41, is expanding operations into Europe. Targeting public-facing IIS servers, using Google & Cloudflare for C2, and possibly exfiltrating via MEGA. @TrendMicro https://www.trendmicro.com/en_us/research/24/h/earth-baku-latest-campaign.html Indicators in botvrij.eu https://www.botvrij.eu/data/feed-osint/739fc559-c1ea-427b-9dd6-4999276f537c.json
=> More information about this toot | More toots from cudeso@infosec.exchange