Mr.Trunk · @mrtrunk
12 followers · 20692 posts · Server dromedary.seedoubleyou.me

Asec: RedEyes (ScarCruft)’s CHM Malware Using the Topic of Fukushima Wastewater Release asec.ahnlab.com/en/56857/

#malwareinformation #scarcruft #backdoor #redeyes #apt37 #chm

Last updated 1 year ago

Anonymous Germany · @AnonNewsDE
59885 followers · 11026 posts · Server social.tchncs.de

The North Korean state-sponsored hacker group () has hacked the IT infrastructure and the e-mail server of NPO Mashinostroyeniya.

NPO Mashinostroyeniya is a Russian designer and manufacturer of orbital vehicles, spacecraft, and tactical defensive and offensive missiles used by the Russian and Indian armed forces.

bleepingcomputer.com/news/secu

golem.de/news/angriff-aus-nord

#scarcruft #apt37 #hack #russland #nordkorea #opencarrot #windows

Last updated 1 year ago

Just Another Blue Teamer · @LeeArchinal
77 followers · 130 posts · Server ioc.exchange

Happy Tuesday everyone! is the topic of today's , specifically ThreatMon takes a deep-dive into the malware, which is a remote access trojan (RAT). Enjoy and Happy Hunting!

Link to article in the comments!

***As usual I am going to leave one of the MITRE ATT&CK techniques blank. I would like to see if any of you that see this can help FILL in that blank! If so, leave your thoughts in the comments OR send me a DM!***

Notable MITRE ATT&CK TTPs:
TA0007 - Discovery
T1087 - Account Discovery
T1083 - File and Directory Discovery
T1018 - Remote System Discovery
T1082 - System Information Discovery

TA0009 - Collection
T[What technique covers the threat actor capturing information under the TEMP folder?] - Good luck!

TA0011 - Command And Control
T1071.001 - Application Layer Protocol: Web Protocols

TA0002 - Execution
T1059.003 - Command and Scripting Interpreter: Windows Command Shell

#apt37 #readoftheday #RokRat #cybersecurity #itsecurity #infosec #blueteam #threatintel #threathunting #ThreatDetection #happyhunting

Last updated 1 year ago

lazarusholic · @lazarusholic
2 followers · 33 posts · Server infosec.exchange

"Global Advanced Persistent Threat (APT) 2022 Annual Report" (全球高级持续性威胁 (APT) 2022年度报告) published by the QiAnXin Threat Intelligence Center (奇安信威胁情报中心). , , , , , , secrss.com/articles/52737

#trend #apt37 #chm #chinotto #cti #osint #lazarus

Last updated 2 years ago

Ronie J Shaw · @roniejshaw
36 followers · 62 posts · Server mastodon.ie

Any peeps on here have any info on the POORAIM backdoor? It was mentioned in an @Trellix (FireEye) report, but I can't find any details... very little about it from my searching over the last week. I've an MSc Cybersecurity assignment to analyse it 🥹

#cybersecurity #apt37

Last updated 2 years ago

Ovi · @0v1
60 followers · 33 posts · Server infosec.exchange

The victimology of this event fits very closely with the modus operandi of groups such as and . More analysis from the industry greatly appreciated.
thehackernews.com/2023/02/expe

#apt37 #kimsuky #threatintelligence

Last updated 2 years ago

TribalCyberSecurity · @tribalcyber
26 followers · 15 posts · Server infosec.exchange