• Kimsuky Hackers Deploy New Linux Backdoor in Attacks on South Korea
• Tracking the Progression of Earth Hundun's Cyberespionage Campaign in 2024
• SugarGh0st RAT Variant Used in Targeted AI Industry Attacks
• New Backdoors on a European Government’s Network Appear to be Russian
• New Android Banking Trojan Mimics Google Play Update App
• SEC to Require Financial Firms to Have Data Breach Incident Plans
• UK Lags Europe on Exploited Vulnerability Remediation
• New UK System Will See ISPs Benefit From Same Protections as Government Networks
• Cybersecurity Leaders Expect Their SOC Budgets to Grow, KPMG Finds
• US exposes scheme enabling North Korean IT workers to bypass sanctions
• FCC Might Require Telecoms to Report on Securing Internet’s BGP Technology
• Remote-Access Tools the Intrusion Point to Blame for Most Ransomware Attacks
• The importance of access controls in incident response
• The IT skills shortage situation is not expected to get any better
• Too many ICS assets are exposed to the public internet
• New infosec products of the week: May 17, 2024
• Critical Git vulnerability allows RCE when cloning repositories with submodules (CVE-2024-32002)

Gomir shares many similarities with GoBear and features direct command and control (C2) communication, persistence mechanisms, and support for executing a wide range of commands.