Rascals are always sociable, and the chief sign that a man has any nobility in his character is the little pleasure he takes in others company. Arthur Schopenhauer

Tarrask malware uses scheduled tasks for defense evasion

As Microsoft continues to track the high-priority state-sponsored threat actor HAFNIUM, new activity has been uncovered that leverages unpatched zero-day vulnerabilities as initial vectors. The Microsoft Detection and Response Team (DART) in collaboration with the Microsoft Threat Intelligence Center (MSTIC) identified a multi-stage attack targeting the Zoho Manage Engine Rest API authentication bypass vulnerability to initially implant a Godzilla web shell with similar properties detailed by the Unit42 team in a previous blog. Tarrask malware uses scheduled tasks for defense evasion

Note: I don’t see how this got attributed to HAFNIUM, I guess it’s easy for Prism collectors, Chinese letters -> Chinese APT -> DONE. Also I puked a little in my mouth because of the link to Microsoft but the info might be useful to some of my readers.