What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2021-08-18 01:33:33 | NK Hackers Deploy Browser Exploits on South Korean Sites to Spread Malware (lien direct) | A North Korean threat actor has been discovered taking advantage of two exploits in Internet Explorer to infect victims with a custom implant as part of a strategic web compromise (SWC) targeting a South Korean online newspaper.
Cybersecurity firm Volexity attributed the attacks to a threat actor it tracks as InkySquid, and more widely known by the monikers ScarCruft and APT37. Daily NK, the |
Malware Threat Cloud | APT 37 | |
 |
2021-01-07 18:24:41 | North Korea-linked APT37 targets South with RokRat Trojan (lien direct) | Experts spotted the RokRat Trojan being used by North Korea-linked threat actors in attacks aimed at the South Korean government. On December 7 2020 researchers from Malwarebytes uncovered a campaign targeting the South Korean government with a variant of the RokRat RAT. The experts found a malicious document uploaded to Virus Total related to a […] | Threat | APT 37 | |
 |
2021-01-06 15:14:45 | Retrohunting APT37: North Korean APT used VBA self decode technique to inject RokRat (lien direct) |
A North Korean threat group has swapped the usual Hangul Office lures for a cleverly packed Office macro.
Categories: Social engineeringThreat analysis
Tags: APT37HangulkoreaOfficerokratVBA
(Read more...)
|
Threat Cloud | APT 37 | |
|
2020-11-03 03:49:37 | New Kimsuky Module Makes North Korean Spyware More Powerful (lien direct) | A week after the US government issued an advisory about a "global intelligence gathering mission" operated by North Korean state-sponsored hackers, new findings have emerged about the threat group's spyware capabilities.
The APT - dubbed "Kimsuky" (aka Black Banshee or Thallium) and believed to be active as early as 2012 - has been now linked to as many as three hitherto undocumented malware, |
Threat Cloud | APT 37 | |
 |
2020-01-03 10:40:14 | Microsoft helps shutter domains run by North Korean cybergang Thallium (lien direct) | A U.S. district court issued an order enabling Microsoft to take over 50 domains used by a North Korea-based cybercrime gang to conduct spear phishing campaigns. Microsoft's Digital Crimes Unit and the Microsoft Threat Intelligence Center took down the domains controlled by a group it named Thallium after researching the malicious actors activity and filing […] | Threat Cloud | APT 37 | |
 |
2019-05-13 15:29:00 | North Korea-Linked \'ScarCruft\' Adds Bluetooth Harvester to Toolkit (lien direct) | A North Korea-linked threat group tracked as ScarCruft, APT37 and Group123 continues to evolve and expand its toolkit, Kaspersky Lab reported on Monday. | Threat Cloud | APT 37 | |
 |
2018-08-15 12:30:04 | July\'s Most Wanted Malware: Attacks Targeting IoT and Networking doubled since May 2018 (lien direct) | Three IoT vulnerabilities entered July's top ten most exploited vulnerabilities list, as threat actors have doubled their attacks on these Mirai and Reaper-related vulnerabilities since May 2018. During July 2018, three IoT vulnerabilities entered the Top 10 most exploited list: MVPower DVR router Remote Code Execution at #5; D_Link DSL-2750B router Remote Command Execution… | Threat Cloud | APT 37 | |
|
2018-07-11 11:49:04 | Hacker offered for sale US Military Reaper Drone documents for $200 (lien direct) | Researchers at threat intelligence firm Recorded Future have reported that a hacker was trying to sell US Military Reaper drone documents for less than $200. The news is disconcerting, the hackers may have obtained the documents related to the Reaper drone by hacking into at least two computers belonging to U.S. military personnel. “Specifically, an English-speaking hacker claimed […] | Threat Cloud | APT 37 |
To see everything:
Our RSS (filtrered)
