-
Cyber Command flags North Korean-linked hackers behind ongoing financial heists https://www.cyberscoop.com/north-korea-malware-cyber-command-virus-total-apt38/
#APT38 @QW5kcmV3 -
#APT38 #Lazarus #StardustChollima #HiddenCobra What is behind the second stone? Analysis of the second stage backend script + backdoor + interactions. Observed a #killswitch for stopping the II stage payload from continuing the execution. https://blog.telsy.com/the-lazarus-gaze-to-the-world-what-is-behind-the-second-stone/ -
Slides from my V00d00 talk -> Operation FastCash - Hidden Cobra's AIX PowerPC malware dissected https://github.com/fboldewin/FastCashMalwareDissected/blob/master/Operation%20Fast%20Cash%20-%20Hidden%20Cobra%E2%80%98s%20AIX%20PowerPC%20malware%20dissected.pdf
#Malware #DFIR #Hacking #APT38 #Lazarus #ATM pic.twitter.com/BvehDaSOr1
-
Reminder: attribution solely on malware is challenging & figuring out overlaps of North Korean groups is even more confusing. We've seen #APT38 deploy Hermes in past. This diagram illustrates overlaps of three groups APT38, TEMP.Hermit & Lazarus 28/n https://content.fireeye.com/apt/rpt-apt38 pic.twitter.com/LNx17uYe6w
-
North Korean Hacking Group #APT38 A Serious Threat Warns #FireEye cc @CsharpCorner https://goo.gl/muuA4B -
#APT38 #Lazarus C2 analysis id=Encoded key + BoardID:UserID:Base64 &page= BoardID &index = UserID &ReportID = Base64 report: https://blog.telsy.com/the-lazarus-gaze-to-the-world-what-is-behind-the-second-stone/ pic.twitter.com/H1w4iBkmEr -
Here's my report on North Korean hacking group #apt38 and how they've been targeting SWIFT to rob banks of hundreds of millions https://www.gtreview.com/news/asia/north-koreas-apt38-the-biggest-cyber-threat-to-global-trade-finance/ -
We did a special #StateOfTheHack with 3 sets of guests who shared a unique experience: having months of their analysis measured against unveiled DOJ indictments. #FIN7, #APT38, & #APT28 videos & show notes: https://www.fireeye.com/blog/products-and-services/2018/10/state-of-the-hack-fireeye-summit-2018-edition.html podcast: http://feye.io/soh pic.twitter.com/Oze7dp3nn3 -
Check out the new report on #APT38, a group that conducts financial crime on behalf of the NK govt #threatintel https://www.fireeye.com/blog/threat-research/2018/10/apt38-details-on-new-north-korean-regime-backed-threat-group.html -
Struts exploits Linux systems. Then they upload Windows recon tools that are Themida-packed & encrypted... because they are dicks. Chris DiGiamo, @Mandiant investigator on a very recent bank heist, confirmed #APT38 moved their SWIFT toolset entirely in-memory. #FireEyeSummit pic.twitter.com/btNQ0RyiHJ -
If you missed it and you are looking for a read, please take a look here. Is Lazarus/APT38 http://rviv.ly/GoJXk4 #apt38 #cybersecurity -
I could use a second set of eyes (@Arkbird_SOLG @darienhuss), but I think this is old #APT38 #PowerRatankba. C2: ecombox[.]store https://pastebin.com/x3PFpqNc -
I had a little fun extracting common code snippets from #malware samples commonly associated with #DPRK #APT38 #Lazarus #StardustChollima to connect the dots between them through #YARA. https://www.emanueledelucia.net/connecting-the-dots-by-clustering-malicious-code-snippets/ -
#APT38 #Lazarus could be the actors behind the #cyberattacks against one of the biggest Indian Nuclear Plants. A technical analysis at: https://marcoramilli.com/2019/11/04/is-lazarus-apt38-targeting-critical-infrastructures/ @BleepinComputer @securityaffairs @arturodicorinto @FBussoletti @Luke_like @Basheer_A_Khan -
Maybe #APT #APT38 #Lazarus ITW: 265f407a157ab0ed017dd18cae0352ae filename: JD-HAL-Manager.doc Target at Karnataka pic.twitter.com/PZ6mY48QLp -
Maybe #Lazarus #StardustChollima #APT38 DLL Injection tool. md5: 5c4eba92f97f139be5efbabed5567695 https://www.virustotal.com/gui/file/7458495eca0f67dfbba66d72445fa28abb102d96e1c15518552a59741f87e3a4/detection pic.twitter.com/QLkdt60RyS
-
Since #DPRK is so hot right now: #APT38 also used DARKCOMET. https://content.fireeye.com/apt/rpt-apt38 https://twitter.com/QW5kcmV3/status/1169927947173662721 -
#USCYBERCOM malware sample matched #ELECTRICFISH #APT38 tunneling tool (my own private YARA, needs to be confirmed). Shared on @virusbay_io for those who want to download. md5: 0ba6bb2ad05d86207b5303657e3f6874 https://twitter.com/CNMF_VirusAlert/status/1161725915744940033 -
The most recently named APT groups—#APT38, #APT39, #APT40—exemplify the variety of state-sponsored threats that network defenders face today. Watch our webinar for a high-level overview on how nation-state interests are driving this activity. https://feye.io/2KH60Nf