"Women Political Leaders Summit Targeted in RomCom Malware Phishing"
A new variant of the RomCom backdoor was used against Women Political Leaders (WPL) Summit participants. The conference is focused on gender equality and women in politics. The campaign involved a fake website mimicking the official WPL portal. A Trend Micro report analyzing the new variant warns that its operators, tacked as Void Rabisu, have been using a stealthier backdoor and a new TLS-enforcement technique in the command-and-control (C2) communications to make discovery more difficult. The latest attack solidifies the group's transition from opportunistic ransomware attacks previously attributed to a Cuba ransomware affiliate to a high-level cyberespionage campaign exploiting zero-day vulnerabilities in Microsoft products. This article continues to discuss findings regarding the RomCom backdoor deployed against the WPL Summit in Brussels.
Bleeping Computer reports "Women Political Leaders Summit Targeted in RomCom Malware Phishing"
Submitted by grigby1