Iranian Hackers Using New Marlin Backdoor in 'Out to Sea' Espionage Campaign

An advanced persistent threat (APT) group with ties to Iran has refreshed its malware toolset to include a new backdoor dubbed Marlin as part of a long-running espionage campaign that started in April 2018. Slovak cybersecurity company ESET attributed the attacks -- codenamed "Out to Sea" -- to a threat actor called OilRig (aka APT34), while also conclusively connecting its activities to a second