Iranian Threat Group Scarred Manticore Snoops on Entities From Albania to the Middle East
The campaign, which targets high-profile organizations in the Middle East, has been using the LIONTAIL malware framework installed on Windows servers. LIONTAIL uses Windows HTTP stack driver HTTP.sys to load memory-resident payloads.