BR100 Decreased By (-0.15%)
BR30 Decreased By (-0.74%)
KSE100 Decreased By (-0.41%)
KSE30 Decreased By (-0.67%)
BECO 5.80 Decreased By ▼ -0.23 (-3.81%)
BML 58.03 Increased By ▲ 5.28 (10.01%)
BOP 33.85 Decreased By ▼ -0.40 (-1.17%)
CNERGY 8.15 Decreased By ▼ -0.01 (-0.12%)
DCL 11.77 Decreased By ▼ -0.57 (-4.62%)
FCCL 53.35 Decreased By ▼ -0.54 (-1%)
FCSC 5.40 Increased By ▲ 0.18 (3.45%)
FFL 17.89 Decreased By ▼ -0.14 (-0.78%)
FNEL 1.31 Increased By ▲ 0.01 (0.77%)
HUMNL 11.06 Increased By ▲ 0.06 (0.55%)
KEL 8.05 Decreased By ▼ -0.06 (-0.74%)
KOSM 5.45 Increased By ▲ 0.07 (1.3%)
MLCF 87.19 Decreased By ▼ -0.86 (-0.98%)
NBP 184.60 Decreased By ▼ -1.88 (-1.01%)
PACE 11.62 Increased By ▲ 0.90 (8.4%)
PAEL 40.31 Increased By ▲ 0.37 (0.93%)
PIAHCLA 26.10 Decreased By ▼ -0.07 (-0.27%)
PIBTL 17.09 Decreased By ▼ -0.23 (-1.33%)
PPL 228.40 Decreased By ▼ -4.38 (-1.88%)
PRL 34.59 Decreased By ▼ -0.36 (-1.03%)
PTC 67.35 Decreased By ▼ -0.21 (-0.31%)
SEARL 91.00 Increased By ▲ 0.07 (0.08%)
SSGC 26.90 Decreased By ▼ -0.27 (-0.99%)
TELE 8.53 Decreased By ▼ -0.04 (-0.47%)
THCCL 66.14 Increased By ▲ 6.01 (10%)
TPLP 9.29 Increased By ▲ 0.53 (6.05%)
TREET 24.59 Increased By ▲ 0.05 (0.2%)
TRG 71.69 Decreased By ▼ -0.06 (-0.08%)
WAVES 10.98 Increased By ▲ 1.00 (10.02%)
WTL 1.28 Increased By ▲ 0.02 (1.59%)
اردو
Android App
Print Edition Dollar to PKR
Budget 2026-27 Iran-US war Petrol Prices Gold Rates Podcasts PSX Notices
Technology Print edition: 2025-10-30

Kaspersky identifies cyberespionage drive targeting Windows Server systems

Published October 30, 2025 Updated October 30, 2025 08:16am
Save
2 min
comment
By Recorder Report
Add BRecorder as a trusted
source on Google
Google Preferred Source

ISLAMABAD: A cyber security company on Wednesday disclosed that a cyberespionage campaign is targeting Windows Server systems in government, financial and industrial organizations across Asia, Africa and Latin America.

Kaspersky’s Global Research and Analysis Team (GReAT) have uncovered an ongoing cyberespionage PassiveNeuron campaign has been observed since December 2024 and continued through August 2025.

After six months of inactivity, PassiveNeuron has resumed operations, using three main tools - two of which were previously unknown - to gain and maintain access to targeted networks. These tools are: Neursite, a modular backdoor; NeuralExecutor, a .NET-based implant; Cobalt Strike, a penetration testing framework often used by threat actors.

“PassiveNeuron stands out for its focus on compromising servers, which are often the backbone of organizational networks,” said Georgy Kucherin, Security Researcher at GReAT, Kaspersky.

“Servers exposed to the Internet are particularly attractive targets for advanced persistent threat (APT) groups, as a single compromised host can provide access to critical systems. It is therefore essential to minimize the attack surface related to them and continuously monitor server applications to detect and stop potential infections.”

The Neursite backdoor can collect system information, manage running processes and route network traffic through compromised hosts, enabling lateral movement within a network. Samples were found communicating with both external command-and-control servers and compromised internal systems, the report added.

Copyright Business Recorder, 2025

Kaspersky cyberespionage Windows Server systems

Comments

Comments are closed for this article.

More Stories

Browse all stories