The Lotus Blossom Advanced Persistent Threat (APT) group, also known as Lotus Panda, Billbug, and Spring Dragon, has intensified its cyberespionage efforts with new variants of the Sagerunex backdoor. These developments highlight the group’s evolving tactics, including leveraging Windows Management Instrumentation (WMI) for post-exploitation activities and employing legitimate cloud services for command-and-control (C2) communications. The […]
The post Lotus Blossom APT Exploits WMI for Post-Exploitation Activities appeared first on Cyber Security News.
This article has been indexed from Cyber Security News