Lucene search
+L

24 matches found

The Hacker News
The Hacker News
added 2021/01/08 9:54 a.m.37 views

ALERT: North Korean hackers targeting South Korea with RokRat Trojan

A North Korean hacking group has been found deploying the RokRat Trojan in a new spear-phishing campaign targeting the South Korean government. Attributing the attack to APT37 aka Starcruft, Ricochet Chollima, or Reaper, Malwarebytes said it identified a malicious document last December that, whe...

0.1AI score
Exploits0
Malwarebytes
Malwarebytes
added 2021/01/06 3:14 p.m.46 views

Retrohunting APT37: North Korean APT used VBA self decode technique to inject RokRat

This post was authored by Hossein Jazi On December 7 2020 we identified a malicious document uploaded to Virus Total which was purporting to be a meeting request likely used to target the government of South Korea. The meeting date mentioned in the document was 23 Jan 2020, which aligns with the...

7.2AI score
Exploits0
Kitploit
Kitploit
added 2020/10/01 8:30 p.m.326 views

Powerglot - Encodes Offensive Powershell Scripts Using Polyglots

Powerglot encodes several kind of scripts using polyglots, for example, offensive powershell scripts. It is not needed a loader to run the payload. In red-team exercises or offensive tasks, masking of payloads is usually done by using steganography, especially to avoid network level protections,...

7.5AI score
Exploits0References1
FireEye
FireEye
added 2018/02/20 8:30 a.m.4157 views

APT37 (Reaper): The Overlooked North Korean Actor

On Feb. 2, 2018, we published a blog detailing the use of an Adobe Flash zero-day vulnerability CVE-2018-4878 by a suspected North Korean cyber espionage group that we now track as APT37 Reaper. Our analysis of APT37’s recent activity reveals that the group’s operations are expanding in scope and...

9.3CVSS8.8AI score0.93289EPSS
Exploits26
Rows per page
Query Builder