MirrorFace, a threat actor targeting media, political organizations, and academic institutions since 2022, has shifted focus to manufacturers and research institutions in 2023.  Initially relying on spear phishing, the actor now exploits vulnerabilities in external assets like Array AG and FortiGate products to infiltrate networks. NOOPDOOR, a shellcode delivered via XML or DLL, injects itself … Continue reading MirrorFace Cyberattacks: Exploiting Internet Vulnerabilities to Cripple Organizations