Threat Actors Adopt Havoc Framework for Post-Exploitation in Targeted Attacks

By Ravie Lakshmanan

An open source command-and-control (C2) framework known as Havoc is being adopted by threat actors as an alternative to other well-known legitimate toolkits like Cobalt Strike, Sliver, and Brute Ratel. Cybersecurity firm Zscaler said it observed a new campaign in the beginning of January 2023 targeting an unnamed government organization that utilized Havoc. "While C2 frameworks are prolific, the

Related tags
- ❌
- Cobalt
- Strike
- Sliver
- C2
- Framework
- Brute
- Ratel
- C4
- Zscaler
February 22^nd 2023 at 07:18

The Hacker News
Hackers Exploit Vulnerabilities in Sunlogin to Deploy Sliver C2 Framework
February 7^th 2023 at 12:58

Hackers Exploit Vulnerabilities in Sunlogin to Deploy Sliver C2 Framework

By Ravie Lakshmanan

Threat actors are leveraging known flaws in Sunlogin software to deploy the Sliver command-and-control (C2) framework for carrying out post-exploitation activities. The findings come from AhnLab Security Emergency response Center (ASEC), which found that security vulnerabilities in Sunlogin, a remote desktop program developed in China, are being abused to deploy a wide range of payloads. "Not

Related tags
February 7^th 2023 at 12:58