All news with #tomiris tag

Tomiris Shifts to Public Services for C2 Evasion Tactics

🛡️ Kaspersky researchers report that the Tomiris threat actor has increasingly used legitimate public services such as Telegram and Discord as command-and-control channels to blend malicious traffic with benign activity. The campaign relies on tailored spear-phishing with password-protected RAR attachments, multi-language implants, and open-source C2 frameworks like Havoc and AdaptixC2. Targeting focuses on Russian-speaking governmental and diplomatic entities across Central Asia and Russia, enabling long-term persistence and covert intelligence collection.