Breach

Global Cyber Espionage Campaign Launched by Novel TAG-100 Operation

Share
System hacked warning alert on laptop computer. Cyber attack on computer network, virus, spyware, malware or malicious software. Cyber security and cybercrime concept. System security technology (3)

Attacks exploiting known security flaws impacting internet-facing systems, including Microsoft Exchange Server, SonicWall, and F5 BIG-IP instances, as well as the open-source Pantegana and Spark RAT backdoors have been deployed by the new TAG-100 threat operation as part of a cyberespionage campaign against private and government organizations in the U.S. and other parts of the world, according to The Hacker News.

TAG-100 further intensified the targeting of U.S. organizations in mid-April with reconnaissance intrusions leveraging the maximum severity remote code execution flaw impacting Palo Alto Networks GlobalProtect firewalls, tracked as CVE-2024-3400, facilitating Pantegana, SparkRAT, and Cobalt Strike Beacon deployment, an analysis from Recorded Future's Insikt Group revealed.

"The widespread targeting of internet-facing appliances is particularly attractive because it offers a foothold within the targeted network via products that often have limited visibility, logging capabilities, and support for traditional security solutions, reducing the risk of detection post-exploitation," said Recorded Future researchers.

Related Terms

Attack Vector