Iron Tiger APT Group Updates SysUpdate Malware to Target Linux Platforms

Threat Level – Red | Vulnerability Report

The Iron Tiger group, also known as APT27, updated its custom malware, SysUpdate, to target Linux platforms and evade security solutions. The group specifically targeted a vulnerability in a Wazuh-signed executable, using a complex loading process and new C&C communication through DNS TXT requests.
