Analyst Comment: Defenders should block known Lightning indicators. Lightning is a newly discovered threat, and there is no information about its use in the wild or the actors behind it. Lightning has passive and active capabilities for communication with the threat actor, including opening up an SSH service via an OpenSSH daemon, and a polymorphic command and control (C2) configuration. It is a modular framework able to install multiple types of rootkits and to run various plugins.

Trending Cyber News and Threat Intelligence

Lightning Framework: New Undetected “Swiss Army Knife” Linux Malware (published: July 21, 2022)

Intezer researchers discovered a new Linux malware called Lightning Framework (Lightning).

These charts summarize the IOCs attached to this magazine and provide a glimpse of the threats discussed. The IOCs related to these stories are attached to Anomali Cyber Watch and can be used to check your logs for potential malicious activity.

The various threat intelligence stories in this iteration of the Anomali Cyber Watch discuss the following topics: APT, Bots, China, Linux, Malspam, Mobile, Russia, and Spearphishing.