A state-sponsored threat group, Sandworm (also tracked as APT-C-13 and FROZENBARENTS), has launched a targeted cyberattack campaign using a combined SSH and Tor tunneling technique to maintain long-term hidden access inside victim networks. This campaign marks a clear upgrade from the group’s earlier intrusion tactics, shifting from simple malware callbacks toward a fully anonymous, encrypted […] The post New Sandworm Tradecraft Uses SSH-over-Tor Tunnel for Long-Term Hidden Persistence appeared first on Cyber Security News.