Russian government agencies and industrial entities are the target of an ongoing activity cluster dubbed Awaken Likho.
« The attackers now prefer using the agent for the legitimate MeshCentral platform instead of the UltraVNC module, which they had previously used to gain remote access to systems, » Kaspersky said, detailing a new campaign that began in June 2024 and continued at least until
