During a recent incident, we identified a sophisticated sideloading infection chain dropping a custom implant for data exfiltration. Further analysis allowed us to attribute the activity to the Iran-nexus APT group Nimbus Manticore, also tracked as UNC1549 and Smoke...
Detecting Nimbus Manticore and their sideloading infection chains

