#living-off-the-land

#living-off-the-land

Security teams are still catching malware. The problem is what they're not catching. More attacks today don't arrive as files. They don't drop binaries. They don't trigger classic alerts. Instead, they run quietly through tools that already exist inside the environment - scripts, remote access, browsers, and developer workflows. That shift is creating a blind spot. Join us for a deep-dive technical session with the Zscaler Internet Access team.

According to the U.S. government, it's assessed to be a publicly-traded, Beijing-based company known as Integrity Technology Group. "The group cleverly modified a geo-mapping application's Java server object extension (SOE) into a functioning web shell," the cybersecurity company said in a report shared with The Hacker News. "By gating access with a hardcoded key for exclusive control and embedding it in system backups, they achieved deep, long-term persistence that could survive a full system recovery."