Researchers identified RedCurl APT group activity in Canada in late 2024, where the attackers used scheduled tasks to execute pcalua.exe to run malicious binaries and Python scripts, including the RPivot client.py script to connect to a remote server. Evidence suggests data exfiltration to cloud storage as this APT group targets various industries and aims for […] The post RedCurl APT Deploys Malware via Windows Scheduled Tasks Exploitation appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
First seen on gbhackers.com
Jump to article: gbhackers.com/redcurl-apt-hackers-absuing-windows/
