saitama – Computer Security Articles

MalwareBytes Security

How the Saitama backdoor uses DNS tunnelling

May 28, 2022 admin dns tunnelling, Explained, malware, saitama, Threat Intelligence

Credit to Author: Mark Stockley| Date: Wed, 25 May 2022 12:46:33 +0000

A walkthrough of one of the stealthy communication techniques employed in a recent attack using APT34’s Saitama backdoor.

The post How the Saitama backdoor uses DNS tunnelling appeared first on Malwarebytes Labs.

MalwareBytes Security

A week in security (May 9 – 15)

May 16, 2022 admin a week in security, apt34, canon, chrome, clearview ai, conti, f5 big ip, jester stealer, microsoft, ransomware, romance scam, saitama, virtual credit card, virtual kidnap

Credit to Author: Malwarebytes Labs| Date: Mon, 16 May 2022 10:01:04 +0000

The most important and interesting computer security stories from the last seven days.

The post A week in security (May 9 – 15) appeared first on Malwarebytes Labs.

MalwareBytes Security

APT34 targets Jordan Government using new Saitama backdoor

May 10, 2022 admin apt34, backdoor, Jordan, saitama, Threat Intelligence

Credit to Author: Threat Intelligence Team| Date: Tue, 10 May 2022 20:49:30 +0000

On April 26th, we identified a suspicious email that targeted a government official from Jordan’s foreign ministry. The email contained a malicious Excel document that drops a new backdoor named Saitama. Following our investigation, we were able to attribute this attack to the known Iranian Actor APT34. Also known as OilRig/COBALT GYPSY/IRN2/HELIX KITTEN, APT34 is…

The post APT34 targets Jordan Government using new Saitama backdoor appeared first on Malwarebytes Labs.