Lucene search
K

10 matches found

The Hacker News
The Hacker News
added 2023/09/05 10:15 a.m.50 views

Researchers Warn of Cyber Weapons Used by Lazarus Group's Andariel Cluster

The North Korean threat actor known as Andariel has been observed employing an arsenal of malicious tools in its cyber assaults against corporations and organizations in the southern counterpart. "One characteristic of the attacks identified in 2023 is that there are numerous malware strains...

8AI score
Exploits0
The Hacker News
The Hacker News
added 2023/06/29 10:49 a.m.4 views

North Korean Hacker Group Andariel Strikes with New EarlyRat Malware

The North Korea-aligned threat actor known as Andariel leveraged a previously undocumented malware called EarlyRat in phishing attacks, adding another piece to the group's wide-ranging toolset. "Andariel infects machines by executing a Log4j exploit, which, in turn, downloads further malware from...

7.4AI score
Exploits0
The Hacker News
The Hacker News
added 2023/06/29 10:49 a.m.23 views

North Korean Hacker Group Andariel Strikes with New EarlyRat Malware

The North Korea-aligned threat actor known as Andariel leveraged a previously undocumented malware called EarlyRat in phishing attacks, adding another piece to the group's wide-ranging toolset. "Andariel infects machines by executing a Log4j exploit, which, in turn, downloads further malware from...

7.4AI score
Exploits0
Securelist
Securelist
added 2023/06/28 10:0 a.m.23 views

Andariel’s silly mistakes and a new malware family

Introduction Andariel, a part of the notorious Lazarus group, is known for its use of the DTrack malware and Maui ransomware in mid-2022. During the same period, Andariel also actively exploited the Log4j vulnerability as reported by Talos and Ahnlab. Their campaign introduced several new malware...

7.1AI score
Exploits0
The Hacker News
The Hacker News
added 2023/04/13 9:7 a.m.3 views

Lazarus Hacker Group Evolves Tactics, Tools, and Targets in DeathNote Campaign

The North Korean threat actor known as the Lazarus Group has been observed shifting its focus and rapidly evolving its tools and tactics as part of a long-running campaign called DeathNote. While the nation-state adversary is known for persistently singling out the cryptocurrency sector, recent...

6.7AI score
Exploits0
hivepro
hivepro
added 2022/05/25 2:36 a.m.22 views

Lazarus distributes Nukesped to VMware Horizon Servers by exploiting Log4J

Threat Level Actor Report For a detailed advisory, download the pdf file here Summary Lazarus, a North Korean threat actor group, is deploying Nukesped aka Manuscrypt malware on unpatched VMware Horizon servers by exploiting the Log4J remote code execution vulnerability...

3.3AI score
Exploits0
The Hacker News
The Hacker News
added 2022/05/20 10:23 a.m.43 views

Hackers Exploiting VMware Horizon to Target South Korea with NukeSped Backdoor

The North Korea-backed Lazarus Group has been observed leveraging the Log4Shell vulnerability in VMware Horizon servers to deploy the NukeSped aka Manuscrypt implant against targets located in its southern counterpart. "The attacker used the Log4j vulnerability on VMware Horizon products that wer...

0.2AI score
Exploits0
Trend Micro Simply Security
Trend Micro Simply Security
added 2021/06/22 12:0 a.m.14 views

NukeSped Copies Fileless Code From Bundlore, Leaves It Unused

While investigating samples of NukeSped, a remote access trojan RAT, Trend Micro came across several Bundlore adware samples using the same fileless routine that was spotted in NukeSped...

2.5AI score
Exploits0
ThreatPost
ThreatPost
added 2021/02/26 7:56 p.m.35 views

Lazarus Targets Defense Companies with ThreatNeedle Malware

The prolific North Korean APT known as Lazarus is behind a spear-phishing campaign aimed at stealing critical data from defense companies by leveraging an advanced malware called ThreatNeedle, new research has revealed. The elaborate and ongoing cyberespionage campaign used emails with COVID-19...

7.4AI score
Exploits0References7
Securelist
Securelist
added 2021/02/25 10:0 a.m.221 views

Lazarus targets defense industry with ThreatNeedle

Lazarus targets defense industry with ThreatNeedle PDF We named Lazarus the most active group of 2020. Weve observed numerous activities by this notorious APT group targeting various industries. The group has changed target depending on the primary objective. Google TAG has recently published a...

7.1AI score
Exploits0
Rows per page
Query Builder