A new tool called SockDetour has been discovered that acts as a backup backdoor if the original one is removed. Written in the 64-bit PE file format, stands out and is challenging to detect since it runs filelessly and socketlessly on hacked Windows servers. One of the C2 infrastructures that the threat actor used for […]

Read more of this post