The Russian state-sponsored group behind the RomCom malware family used the SocGholish loader for the first time to launch an attack on a U.S.-based civil engineering firm, continuing its targeting of organizations that offer support to Ukraine in its ongoing war with its larger neighbor.

The post Russian-Backed Threat Group Uses SocGholish to Target U.S. Company appeared first on Security Boulevard.

The attack on the engineering firm was identified by Arctic Wolf in September before it could disrupt the engineering company’s operations or spread further.

The post Russian Hackers Target US Engineering Firm Because of Work Done for Ukrainian Sister City appeared first on SecurityWeek.