Assaf Dahan, Threat Research Lead at Cybereason's Nocturnus team, delves into a recently discovered cyber-espionage campaign targeting the Defense, Energy, Aerospace, Biotech and Pharma industries conducted by the Winnti Group (APT 41, BARIUM, and Blackfly) - a Chinese state-sponsored APT group known for its stealth and sophistication.
The team published two reports–one that examines the tactics and techniques of the overall campaign and another that provides a more detailed analysis of the malware and exploits used - check it out…