Tag: lazarus
-
North Korean hackers spotted using new tools on employees of ‘nuclear-related’ org
Researchers at Kaspersky said they found the Lazarus Group using “a complex infection chain that included multiple types of malware, such as a downloader, loader, and backdoor, demonstrating the group’s evolved delivery and improved persistence methods.”]]> First seen on therecord.media Jump to article: therecord.media/lazarus-group-new-tools-kaspersky
-
Lazarus Group Targets Nuclear Industry with CookiePlus Malware
KEY SUMMARY POINTS Securelist by Kaspersky has published its latest threat intelligence report focused on the activities of… First seen on hackread.com Jump to article: hackread.com/lazarus-group-nuclear-industry-cookieplus-malware/
-
Lazarus APT targeted employees at an unnamed nuclear-related organization
North Korea-linked Lazarus Group targeted employees of an unnamed nuclear-related organization in January 2024. Kaspersky researchers observed the North Korea-linked Lazarus Group targeting at least two employees associated with the same nuclear-related organization over the course of one month. The experts believe the attacks are part the cyber espionage campaign Operation Dream Job (aka NukeSped),…
-
Lazarus Group’s Evolving Arsenal: New Malware and Infection Chains Unveiled
In a recent analysis by Kaspersky Labs, the infamous Lazarus Group continues to refine its strategies, blending old tactics with new malware to create advanced and stealthy attack chains. Dubbed... First seen on securityonline.info Jump to article: securityonline.info/lazarus-groups-evolving-arsenal-new-malware-and-infection-chains-unveiled/
-
Lazarus Group Spotted Targeting Nuclear Engineers with CookiePlus Malware
The Lazarus Group, an infamous threat actor linked to the Democratic People’s Republic of Korea (DPRK), has been observed leveraging a “complex infection chain” targeting at least two employees belonging to an unnamed nuclear-related organization within the span of one month in January 2024.The attacks, which culminated in the deployment of a new modular backdoor…
-
8 biggest cybersecurity threats manufacturers face
Tags: access, ai, apt, attack, authentication, automation, awareness, business, china, cloud, computer, control, cyber, cyberattack, cybercrime, cybersecurity, data, data-breach, ddos, detection, email, encryption, exploit, extortion, firmware, framework, group, Hardware, india, infrastructure, intelligence, international, Internet, iot, iran, lazarus, leak, malicious, malware, monitoring, network, nis-2, north-korea, open-source, password, phishing, ransom, ransomware, regulation, risk, risk-analysis, risk-assessment, russia, service, software, strategy, supply-chain, technology, threat, update, vulnerability, windowsThe manufacturing sector’s rapid digital transformation, complex supply chains, and reliance on third-party vendors make for a challenging cyber threat environment for CISOs.Manufacturers, often prime targets for state-sponsored malicious actors and ransomware gangs, face the difficult task of maintaining cost-effective operations while modernizing their network infrastructure.”Many manufacturing systems rely on outdated technology that lacks modern…
-
DMM Bitcoin Ceases Operations Following $300 Million Cyberattack, Attributed to Lazarus Group
DMM Bitcoin, a leading Japanese cryptocurrency exchange, has announced its impending closure following a major cybersecurity incident. The exchange fell victim to a sophisticated cyberattack on May 31st, 2024, resulting... First seen on securityonline.info Jump to article: securityonline.info/dmm-bitcoin-ceases-operations-following-300-million-cyberattack-attributed-to-lazarus-group/
-
Lazarus lockt Mitarbeiter mit trojanisierten Programmieraufgaben: Der Fall eines spanischen Luft- und Raumfahrtunternehmens
nalyse eines Lazarus-Angriffs, der Mitarbeiter eines Luft- und Raumfahrtunternehmens anlockte, entdeckten ESET-Forscher eine öffentlich nicht dokument… First seen on welivesecurity.com Jump to article: www.welivesecurity.com/de/eset-research/lazarus-lockt-mitarbeiter-mit-trojanisierten-programmieraufgaben-der-fall-eines-spanischen-luft-und-raumfahrtunternehmens/
-
The Lasting Repercussions of the Sony Hack
The Sony Pictures hack in 2014 by the North Korean Lazarus Group was a seminal event both in Hollywood and in the security community, bringing to ligh… First seen on duo.com Jump to article: duo.com/decipher/the-lasting-repercussions-of-the-sony-hack
-
CVE-2024-38193 Exploited by Lazarus Group in Targeted Attacks
A newly patched security vulnerability in Microsoft Windows has been actively exploited by the Lazarus Group, a notorious state-sponsored hacking grou… First seen on sensorstechforum.com Jump to article: sensorstechforum.com/cve-2024-38193-lazarus-group/
-
Lazarus Hackers Exploits macOS Extended Attributes To Evade Detection
The xattr command in Unix-like systems allows for the embedding of hidden metadata within files, similar to Windows ADS, known as Rustyattr, which is being exploited by threat actors like Lazarus Group to stealthily conceal malicious payloads within seemingly benign files. The Lazarus Group is covertly embedding malicious data within system files using xattr, a…
-
North Korea’s Lazarus observed testing new macOS trojan in the wild
First seen on scworld.com Jump to article: www.scworld.com/news/north-koreans-lazarus-observed-testing-new-macos-trojan-in-the-wild
-
North Korean’s Lazarus observed testing new macOS trojan in the wild
First seen on scworld.com Jump to article: www.scworld.com/news/lazarus-observed-testing-new-macos-trojan-in-the-wild
-
Lazarus Group Targets macOS with RustyAttr Trojan in Fake Job PDFs
Group-IB has uncovered Lazarus group’s stealthy new trojan and technique of hiding malicious code in extended attributes on… First seen on hackread.com Jump to article: hackread.com/lazarus-group-macos-rustyattr-trojan-fake-job-pdfs/
-
New RustyAttr Malware Targets macOS Through Extended Attribute Abuse
Threat actors have been found leveraging a new technique that abuses extended attributes for macOS files to smuggle a new malware called RustyAttr.The Singaporean cybersecurity company has attributed the novel activity with moderate confidence to the infamous North Korea-linked Lazarus Group, citing infrastructure and tactical overlaps observed in connection with prior campaigns, including First seen…
-
RustyAttr Trojan: Lazarus Group’s New macOS Malware Evades Antivirus with Ease
Researchers at Group-IB have discovered a new stealth technique employed by the North Korean APT group Lazarus, targeting macOS systems through a unique code-smuggling method. Known for its sophisticated cyber-espionage... First seen on securityonline.info Jump to article: securityonline.info/rustyattr-trojan-lazarus-groups-new-macos-malware-evades-antivirus-with-ease/
-
Lazarus Group Uses Extended Attributes for Code Smuggling in macOS
Lazarus APT has been found smuggling malware onto macOS devices using custom extended attributes, evading detection First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/lazarus-extended-attributes-macos/
-
Lazarus Group Exploits Google Chrome Vulnerability to Control Infected Devices
The North Korean threat actor known as Lazarus Group has been attributed to the zero-day exploitation of a now-patched security flaw in Google Chrome … First seen on thehackernews.com Jump to article: thehackernews.com/2024/10/lazarus-group-exploits-google-chrome.html
-
Mac Malware Threat: Hackers Seek Cryptocurrency Holders
Lazarus Group in Particular Using Cross-Platform Languages to Hit macOS Targets. Cryptocurrency-seeking hackers are increasingly targeting macOS users… First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/mac-malware-threat-hackers-seek-cryptocurrency-holders-a-26697
-
Feds reach for sliver of crypto-cash nicked by North Korea’s notorious Lazarus Group
First seen on theregister.com Jump to article: www.theregister.com/2024/10/08/us_lazarus_group_crypto_seizure/
-
Fraudulent DeFi game leveraged in new crypto investor-targeted Lazarus attack
First seen on scworld.com Jump to article: www.scworld.com/brief/fraudulent-defi-game-leveraged-in-new-crypto-investor-targeted-lazarus-attack
-
North Korean Hackers Exploited Chrome Zero-Day for Cryptocurrency Theft
The Lazarus APT created a deceptive website that exploited a Chrome zero-day to install malware and steal cryptocurrency. The post North Korean Hacker… First seen on securityweek.com Jump to article: www.securityweek.com/north-korean-hackers-exploited-chrome-zero-day-for-cryptocurrency-theft/
-
Lazarus hackers used fake DeFi game to exploit Google Chrome zero-day
The North Korean Lazarus hacking group exploited a Google Chrome zero-day tracked as CVE-2024-4947 through a fake decentralized finance (DeFi) game ta… First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/lazarus-hackers-used-fake-defi-game-to-exploit-google-chrome-zero-day/
-
DOJ Wants to Claw Back $2.67 Million Stolen by Lazarus Group
The DOJ wants to seize $2.67 million from the $69 million in crypto the North Korean-backed Lazarus Group stole in from the options exchange Deribit i… First seen on securityboulevard.com Jump to article: securityboulevard.com/2024/10/doj-wants-to-claw-back-2-67-million-stolen-by-lazarus-group/
-
Developers Beware: Lazarus Group Uses Fake Coding Tests to Spread Malware
Cybersecurity researchers have uncovered a new set of malicious Python packages that target software developers under the guise of coding assessments…. First seen on thehackernews.com Jump to article: thehackernews.com/2024/09/developers-beware-lazarus-group-uses.html
-
Cryptohack Roundup: Delta Prime, Ethena Exploits
Also: US SEC Settles With Prager Metis, Rari Capital. This week, Delta Prime and Ethena were hacked, Lazarus’ funds were frozen, the SEC settled with … First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/cryptohack-roundup-delta-prime-ethena-exploits-a-26320