Microsoft identifies a Sandworm subgroup, BadPilot, targeting Western networks.

* BadPilot focuses on initial network access before handing off to other Sandworm hackers.
* Targets include US, UK, Canada, and Australia.
* Exploits vulnerabilities in Microsoft Exchange, Outlook, Openfire, JetBrains, and Zimbra.
* Uses ConnectWise ScreenConnect and Fortinet FortiClient EMS for Western targets.
* Installs Atera Agent or Splashtop Remote Services for persistent access.
* Turns victim computers into Tor onion services to hide communications.
* Targets energy, oil, gas, telecommunications, shipping, arms manufacturing, and international governments.

Microsoft Warns of Sandworm's BadPilot Targeting Western Networks: Exploiting Vulnerabilities in Key Software for Initial Access