image credit: unsplash
A newly discovered threat group dubbed Praying Mantis is targeting businesses in the U.S by exploiting vulnerabilities in internet-facing web applications to steal credentials and other data, the security firm Sygnia says.
Sygnia, which also refers to the threat group as TG1021, says the campaign has been ongoing since June 2020. In some cases the group exploits a zero-day vulnerability in Checkbox Survey, a cloud-hosted survey and report analysis platform, which enables it to compromise Windows Internet Information Service servers used for web hosting.
Comments are closed.
