Nation-state actor SideWinder compromised the official website of the National Electric Power Regulatory Authority (NEPRA) to deliver a tailored malware called WarHawk. Multiple malicious modules in WarHawk deliver Cobalt Strike, including new TTPs such as KernelCallBackTable injection and checking the Pakistan Standard Time zone for successful operations.
Support the originator by clicking the read the rest link below.