Chinese APT Mustang Panda Debuts 4 New Attack Tools
The notorious nation-state-backed threat actor has added two new keyloggers, a lateral movement tool, and an endpoint detection and response (EDR) evasion driver to its arsenal.
Endpoint security protects laptops, phones, servers, and other connected devices from malware, unauthorized access, and breaches.
Search across headline titles and summaries.
Background for this topic.
Endpoint security protects laptops, desktops, servers, mobile devices, and other systems that connect to an organization’s networks or services. It combines secure configuration, timely patching, encryption, access controls, application restrictions, and monitoring. Endpoint detection and response (EDR) tools record activity such as process execution, persistence, and configuration changes so analysts can investigate suspicious behavior.
Endpoints are common entry points for exploiting vulnerable software, stealing credentials, or installing unauthorized code. Effective programs maintain an accurate device and software inventory, prioritize vulnerabilities that are exposed or actively exploited, and apply least privilege to limit what a compromised device or account can do. They also need tested procedures to contain or isolate devices, investigate them without unnecessarily destroying evidence, and govern endpoint telemetry and administrator access to protect privacy and support applicable data-handling obligations.
The notorious nation-state-backed threat actor has added two new keyloggers, a lateral movement tool, and an endpoint detection and response (EDR) evasion driver to its arsenal.
Malware Hides in Memory, Evades Detection by Endpoint ToolsA Chinese state-backed hacking group tracked as UNC5174 relaunched its operations after a year of silence with a campaign using a memory-only remote access Trojan that evades traditional detection mechanisms, according to new research from cybersecurity firm Sysdig.