Src |
Date (GMT) |
Title |
Description |
Tags |
Stories |
Notes |
|
2023-10-27 06:00:12 |
A cascade of compromise: unveiling Lazarus' new campaign (direct link) |
We unveil a Lazarus campaign exploiting security company products and examine its intricate connections with other campaigns |
|
APT 38
|
★★
|
|
2023-08-30 10:00:05 |
IT threat evolution in Q2 2023 (direct link) |
Q2 2023 overview: targeted attacks such as Operation Triangulation, CloudWizard and Lazarus activity, Nokoyawa ransomware, and others. |
Threat
|
APT 38
|
★★★
|
|
2023-04-12 08:00:00 |
Following the Lazarus group by tracking DeathNote campaign (direct link) |
The Lazarus group is a high-profile Korean-speaking threat actor with multiple sub-campaigns. In this blog, we'll focus on an active cluster that we dubbed DeathNote. |
Threat
|
APT 38
|
★★★
|
|
2022-05-27 08:00:43 |
IT threat evolution Q1 2022 (direct link) |
Kaspersky IT threat review in Q1 2022: activity of APTs such as MoonBounce, BlueNoroff, Lazarus and Roaming Mantis, attacks against Ukraine, phishing kits, Okta hack and more. |
Hack
Threat
|
APT 38
|
★★★
|
|
2022-03-31 12:00:23 |
Lazarus Trojanized DeFi app for delivering malware (direct link) |
We recently discovered a Trojanized DeFi application that was compiled in November 2021. This application contains a legitimate program called DeFi Wallet that saves and manages a cryptocurrency wallet, but also implants a full-featured backdoor. |
Malware
|
APT 38
|
|
|
2021-12-16 10:00:19 |
PseudoManuscrypt: a mass-scale spyware attack campaign (direct link) |
Kaspersky ICS CERT experts identified malware whose loader has some similarities to the Manuscrypt malware, which is part of the Lazarus APT group's arsenal. |
Malware
|
APT 38
APT 28
|
|
|
2021-02-25 10:00:53 |
Lazarus targets defense industry with ThreatNeedle (direct link) |
In mid-2020, we realized that Lazarus was launching attacks on the defense industry using the ThreatNeedle cluster, an advanced malware cluster of Manuscrypt (a.k.a. NukeSped). While investigating this activity, we were able to observe the complete life cycle of an attack, uncovering more technical details and links to the group's other campaigns. |
Malware
|
APT 38
APT 28
|
|
|
2020-12-23 10:00:08 |
Lazarus covets COVID-19-related intelligence (direct link) |
As the COVID-19 crisis grinds on, some threat actors are trying to speed up vaccine development by any means available. We have found evidence that actors, such as the Lazarus group, are going after intelligence that could help these efforts by attacking entities related to COVID-19 research. |
Threat
Medical
|
APT 38
APT 28
|
|
|
2020-07-28 10:00:27 |
Lazarus on the hunt for big game (direct link) |
By investigating a number of targeted ransomware attacks and through discussions with some of our trusted industry partners, we feel that we now have a good grasp on how the ransomware ecosystem is structured. |
Ransomware
|
APT 38
|
|