SideWinder, an advanced persistent threat group, has been targeting maritime and logistics companies across South and Southeast Asia, the Middle East, and Africa in 2024. Their attacks have affected various countries, including Bangladesh, Egypt, and Vietnam, and have also focused on nuclear energy infrastructures and diplomatic entities. SideWinder is known for improving its methodologies to evade detection, using spear-phishing tactics and exploiting security vulnerabilities in Microsoft Office to infiltrate networks. Their operations highlight a significant cybersecurity threat to various sectors.
SideWinder constantly works to improve its toolsets, stay ahead of security software detections, extend persistence on compromised networks, and hide its presence on infected systems.
The latest attack chains align with previous reports, with spear-phishing emails delivering booby-trapped documents using a known security vulnerability in Microsoft Office.
Collection
[
|
...
]