Summary:
- New Backdoor: Hackers have discovered a novel backdoor named “Backdoor.Msupedge,” using DNS traffic to communicate with a command-and-control server, making it harder to detect on Microsoft Windows systems.
- Clever Exploitation: The backdoor exploits a recently patched PHP vulnerability (CVE-2024-4577) on Windows, allowing remote code execution and giving attackers control over infected systems.
- Undetected Threat: This stealthy method, overlooked by many security tools, has been used in recent attacks, particularly targeting organizations in Taiwan, with motives still unknown.
Read more at: Security.com