The China-based APT group Flax Typhoon used a function within ArcGIS’ legitimate geo-mapping software to create a webshell through which it established persistence for more than a year to execute malicious commands and steal credentials.
The post China’s Flax Typhoon Exploits ArcGIS App for Year-Long Persistence appeared first on Security Boulevard.