The article discusses the Green Nailao campaign, an advanced cyber threat targeting European healthcare organizations, as reported by Orange Cyberdefense CERT. The attackers exploited a patched vulnerability in Check Point security products, allowing them to gain initial access to systems and deploy malware such as PlugX and its successor ShadowPad. The campaign involved sophisticated techniques, including DLL search-order hijacking and the use of Remote Desktop Protocol (RDP) for lateral movement, leading to potential data exfiltration and deployment of the NailaoLocker ransomware. The campaign highlights the ongoing threat posed by cyber espionage actors, particularly those with links to China.
The campaign, codenamed Green Nailao by Orange Cyberdefense CERT, targeted European healthcare organizations with advanced malware, leading to ransomware attacks.