Tag: lazarus
-
WinorDLL64: Backdoor from the Lazarus Arsenal?
…region and the overlaps in behavior and code suggest use of the tool by the notorious North Korea-aligned APT group… First seen on welivesecurity.com Jump to article: www.welivesecurity.com/deutsch/2023/02/23/winordll64-backdoor-aus-dem-lazarus-arsenal/
-
RedTail Cryptomining Malware Exploits PAN-OS Vulnerability
Threat Actors Mirror the Tactics of North Korea’s Lazarus Group. Cryptomining malware that might be North Korean in origin is targeting edge devices, … First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/redtail-cryptomining-malware-exploits-pan-os-vulnerability-a-25371
-
RedTail Malware Abuses Palo Alto Flaw in Latest Cryptomining Campaign
Hackers with possible ties to the notorious North Korea-linked Lazarus Group are exploiting a recent critical vulnerability in Palo Alto Networks' PAN… First seen on securityboulevard.com Jump to article: securityboulevard.com/2024/05/redtail-malware-abuses-palo-alto-flaw-in-latest-cryptomining-campaign/
-
North Korea’s Lazarus Group Deploys New Kaolin RAT via Fake Job Lures
The North Korea-linked threat actor known as Lazarus Group employed its time-tested fabricated job lures to deliver a new remote access trojan called … First seen on thehackernews.com Jump to article: thehackernews.com/2024/04/north-koreas-lazarus-group-deploys-new.html
-
North Korea APT Triumvirate Spied on South Korean Defense Industry For Years
Lazarus, Kimsuky, and Andariel all got in on the action, stealing important data from firms responsible for defending their southern neighbors (from t… First seen on darkreading.com Jump to article: www.darkreading.com/cyberattacks-data-breaches/north-korea-apt-triumvirate-spied-on-south-korean-defense-industry-for-years
-
Target Locked: Operation Sharpshooter
Operation Sharpshooter was a significant cyberattack by the Lazarus Group, targeting critical industries like finance, energy, and defense. Dive into … First seen on securityboulevard.com Jump to article: securityboulevard.com/2024/04/target-locked-operation-sharpshooter/
-
Intercept the Adversary: Lazarus Group Operation In(ter)ception
Operation In(ter)ception reveals Lazarus Group’s 2019 cyber campaign targeting military and aerospace organizations in Europe and the Middle East. Del… First seen on securityboulevard.com Jump to article: securityboulevard.com/2024/04/intercept-the-adversary-lazarus-group-operation-interception/
-
Cyber Sorcery: Confronting Lazarus Group MagicRAT and TigerRAT Campaign
Discover the origin, tactics and future of Remote Access Trojan (RAT) dubbed MagicRAT and how leveraging AttackIQ Flex can help your organization simu… First seen on securityboulevard.com Jump to article: securityboulevard.com/2024/04/cyber-sorcery-confronting-lazarus-group-magicrat-and-tigerrat-campaign/
-
Lazarus APT group returned to Tornado Cash to launder stolen funds
North Korea-linked Lazarus APT group is allegedly again using the mixer platform Tornado Cash to launder $23 million. North Korea-linked Lazarus APT gro… First seen on securityaffairs.com Jump to article: securityaffairs.com/160525/breaking-news/lazarus-apt-returned-tornado-cash.html
-
Lazarus Exploits Typos to Sneak PyPI Malware into Dev Systems
The notorious North Korean state-backed hacking group Lazarus uploaded four packages to the Python Package Index (PyPI) repository with the goal of in… First seen on thehackernews.com Jump to article: thehackernews.com/2024/02/lazarus-exploits-typos-to-sneak-pypi.html
-
Lazarus Hackers Exploited Windows Kernel Flaw as Zero-Day in Recent Attacks
The notorious Lazarus Group actors exploited a recently patched privilege escalation flaw in the Windows Kernel as a zero-day to obtain kernel-level a… First seen on thehackernews.com Jump to article: thehackernews.com/2024/02/lazarus-hackers-exploited-windows.html
-
Microsoft Zero-Day Used by Lazarus in Rootkit Attack
North Korean state actors Lazarus Group used a Windows AppLocker zero-day, along with a new and improved rootkit, in a recent cyberattack, researchers… First seen on darkreading.com Jump to article: www.darkreading.com/vulnerabilities-threats/microsoft-zero-day-used-by-lazarus-in-rootkit-attack
-
Microsoft Zero Day Used by Lazarus in Rootkit Attack
North Korean state actors Lazarus Group used a Windows AppLocker zero day, along with a new and improved rootkit, in a recent cyberattack, researchers… First seen on darkreading.com Jump to article: www.darkreading.com/vulnerabilities-threats/microsoft-zero-day-used-by-lazarus-in-rootkit-attack
-
Lazarus Hackers Exploited Windows 0-Day to Gain Kernel read/write Access
The Lazarus Group, a well-known cybercriminal organization, has recently exploited a zero-day vulnerability in Windows to gain kernel privileges, a cr… First seen on gbhackers.com Jump to article: gbhackers.com/lazarus-hackers-exploited-windows-0-day/
-
Lazarus hackers exploited Windows zero-day to gain Kernel privileges
North Korean threat actors known as the Lazarus Group exploited a flaw in the Windows AppLocker driver (appid.sys) as a zero-day to gain kernel-level … First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/lazarus-hackers-exploited-windows-zero-day-to-gain-kernel-privileges/
-
Japan warns of malicious PyPi packages created by North Korean hackers
Japan’s Computer Security Incident Response Team (JPCERT/CC) is warning that the notorious North Korean hacking group Lazarus has uploaded four malici… First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/japan-warns-of-malicious-pypi-packages-created-by-north-korean-hackers/
-
North Korean hackers now launder stolen crypto via YoMix tumbler
The North Korean hacker collective Lazarus, infamous for having carried out numerous large-scale cryptocurrency heists over the years, has switched to… First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/north-korean-hackers-now-launder-stolen-crypto-via-yomix-tumbler/
-
FBI Suspects Lazarus Behind Harmony Hack
The use of code-signing machine identities makes it particularly difficult to defend against the APT's attacks. By stealing code-signing… First seen on infopoint-security.de Jump to article: www.infopoint-security.de/fbi-vermutet-lazarus-hinter-harmony-hack/a33251/
-
Lazarus APT Campaign: Log4Shell Exploits Still Relevant
First seen on csoonline.com Jump to article: www.csoonline.com/de/a/log4shell-exploits-weiterhin-relevant

