New Dohdoor malware campaign targets education and health care

Ali Nemati4 days ago30 sec read4 views

Cisco Talos identified a new malware campaign dubbed UAT-10027 targeting education and healthcare sectors in South Korea using DNS-over-HTTPS (DoH) to evade detection. The malware, named Dohdoor, employs process hollowing, custom XOR-SUB decryption with position-dependent techniques, and NTDLL unhooking to bypass EDR monitoring. Talos observed similarities between Dohdoor's tactics and those of North Korean APT Lazarus but noted deviations in targeting sectors. ClamAV signatures and SNORT rules are provided for detection and mitigation.

Read the full article at Cisco Talos

Want to create content about this topic? Use Nemati AI tools to generate articles, social posts, and more.

Comments

Why I spent my weekend building a "Cyber-Immune System" for students

A cybersecurity platform called StudentGuard Syndicate was built to protect students from recruitment fraud by using real-time forensics and a decentr...A cybersecurity platform called StudentGuard Syndicate was built to protect students from recruitment fraud by using real-time forensics and a decentralized network to share threat information. This initiative is crucial for content creators as it hi...

Ali Nemati

Cybersecurity2 days ago21 sec read

Hackers steal medical details of 15 million in France

French hackers stole medical and administrative data of over 15 million people, including sensitive personal annotations from doctors' notes for about...French hackers stole medical and administrative data of over 15 million people, including sensitive personal annotations from doctors' notes for about 169,000 patients. This breach highlights severe cybersecurity risks in healthcare systems, emphasiz...

Ali Nemati

Cybersecurity3 days ago26 sec read

Senate moves one step closer to passing health care cyber reforms

The Senate Health Committee advanced a bipartisan bill aimed at enhancing cybersecurity in the healthcare sector by requiring HHS to develop incident ...The Senate Health Committee advanced a bipartisan bill aimed at enhancing cybersecurity in the healthcare sector by requiring HHS to develop incident response plans and collaborate with CISA for oversight. This move is crucial following significant c...

Ali Nemati

Cybersecurity4 days ago22 sec read

Medical Device Maker UFP Technologies Hit by Cyberattack

UFP Technologies, a medical device manufacturer, suffered a ransomware attack involving data theft and file encryption. This incident underscores the ...UFP Technologies, a medical device manufacturer, suffered a ransomware attack involving data theft and file encryption. This incident underscores the increasing vulnerability of healthcare suppliers to cyber threats, which can disrupt critical medica...

Ali Nemati

Cybersecurity4 days ago26 sec read

Tech & Learning Awards of Excellence 2025 Winner

ManagedMethods' Classroom Manager and Content Filter won the Tech & Learning Awards of Excellence in the Primary Education category for 2025, high...ManagedMethods' Classroom Manager and Content Filter won the Tech & Learning Awards of Excellence in the Primary Education category for 2025, highlighting their effectiveness in cybersecurity and classroom management solutions for K-12 schools. T...

Ali Nemati

New Dohdoor malware campaign targets education and health care

Related Articles

Why I spent my weekend building a "Cyber-Immune System" for students

Hackers steal medical details of 15 million in France

Senate moves one step closer to passing health care cyber reforms

Medical Device Maker UFP Technologies Hit by Cyberattack

Tech & Learning Awards of Excellence 2025 Winner