Symatec has recently identified a group named Leafminer, which appears to be comprised of highly trained attackers who have been targeting several Middle Eastern organizations. The group first surfaced in June 2017 and has since attacked several critical infrastructures and networks in Saudi Arabia, Lebanon, Qatar, Bahrain, and more
The group uses several intrusion techniques for data theft, starting with vulnerability scans to search for vulnerable network services to exploit. To breach these vulnerable services, the group uses watering hole websites and brute force attempts. Symatec was able to uncover this information because a compromised staging server used by Leafminer was left publicly accessible. Symatec also discovered that the hackers tend to scour victims' networks for email data, files, and databases.
Don't want to make the news for the wrong reasons? Download ManageEngine Log360, the tool that can help combat internal and external security attacks.
Log360, ManageEngine's comprehensive log management and Active Directory auditing tool, helps you:
You will receive weekly cybersecurity news soon!
2022 Zoho Corporation Pvt. Ltd. All rights reserved.