Product

SoftEther VPN

1 brief RSS

Flax Typhoon Masquerading SoftEther VPN as Legitimate Windows Binaries

The Flax Typhoon group uses SoftEther VPN, masquerading the VPN client as legitimate Windows binaries like conhost.exe and dllhost.exe, to obfuscate their network activity within compromised Taiwanese organizations.

SoftEther VPN +3 Flax Typhoon +1 flax-typhoon defense-evasion lateral-movement vpn process-masquerading

2r 2t Jan 3, 2024