New research shows the TinyTurla-NG backdoor uses the Chisel open-source attack framework for some communications and has a variety of post-compromise capabilities.
A threat actor has been observed exploiting various previously disclosed flaws to gain access to various U.S. governments and research organizations.
At the time of disclosure, Ivanti said it is not currently aware of the flaw being exploited.
“The PRC’s inside the house,” said Andrew Scott, associate director for China operations with the U.S. Cybersecurity and Infrastructure Security Agency (CISA).
SentinelLabs researchers have discovered a new wiper malware called AcidPour in Ukraine, which appears to be a new version of the AcidRain malware.