Skip to content

News
Cybercrime
Risk
Policy
Privacy
Research
Cloud
Insurance

LinkedIn
Facebook

Windows servers

Kaspersky outlines ‘PassiveNeuron’ campaign using bespoke implants and Cobalt Strike

Cybercrime, News, Research, Risk

October 22, 2025

Kaspersky has reported a sustained espionage campaign named PassiveNeuron that has targeted government, financial and industrial servers across Asia, Africa and Latin America since mid-2024, using bespoke implants Neursite and NeuralExecutor alongside Cobalt Strike; the activity remains unattributed.
GhostRedirector threat cluster compromises 65 Windows servers, deploys Rungan backdoor and Gamshen IIS module for SEO fraud

Cybercrime, News, Research

September 5, 2025

A fresh threat cluster named GhostRedirector has compromised at least 65 Windows servers, deploying a passive backdoor called Rungan and an IIS module named Gamshen to conduct SEO fraud, according to ESET researchers. The campaign shows SQL injection-based initial access, PowerShell-based tool delivery, and persistence through multiple remote-access tools, with a China-aligned attribution considered plausible…

About
Editorial Policy
Privacy
Contact