FedSearch - Federated network search engine

Il gruppo di hacker nordcoreani #Kimsuky ha preso di mira degli #esperti di affari e dei #media nordcoreani come parte di una campagna di raccolta di #informazioni, ricorrendo persino al furto di #informazioni sugli abbonamenti per i #notiziari che coprono il paese.

Le scoperte è di #SentinelOne che segue un avvertimento della #NSA secondo cui Kimsuky sta utilizzando #ingegneria sociale e #malware per attaccare gruppi di riflessione, #scienziati e #media.

#redhotcyber #informationsecurity #ethicalhacking #dataprotection #hacking #cybersecurity #cybercrime #cybersecurityawareness #cybersecuritytraining #cybersecuritynews #privacy #infosecurity

https://www.redhotcyber.com/post/hacker-nordcoreani-contro-media-nordcoreani-alla-ricerca-di-informazioni-sul-programma-nucleare/

#kimsuky #esperti #media #informazioni #Notiziari #sentinelone #nsa #ingegneria #malware #scienziati #redhotcyber #informationsecurity #ethicalhacking #dataprotection #hacking #cybersecurity #cybercrime #CyberSecurityAwareness #cybersecuritytraining #CyberSecurityNews #privacy #infosecurity

Last updated 1 year ago

Original post

Just Another Blue Teamer · @LeeArchinal

84 followers · 139 posts · Server ioc.exchange

Open media

The #APT known as #Kimsuky strikes again, this time targeting think tanks, academia, and media organizations with a social engineering. The goal? Stealing Google and subscription credentials of a news and analysis service that focuses on North Korea. Enjoy and Happy Hunting!

Link in the comments!

***This one is a little different. In this article, SentinelLabs mentioned ReconShark being used. Can you provide me with any TTPs that are associated with that #malware?***

TA0001 - Initial Access
T1566.002 - Phishing: Spearphishing Link
T1566.001 - Phishing: Spearphishing File

TA0002 - Execution
T1204.001 - User Execution: Malicious Link
T1204.002 - User Execution: Malicious File

TA0006 - Credential Access
T1056.003 - Input Capture: Web Portal Capture

ReconShark TTPs:
Here is your chance to shine! Let me know what TTPs are associated with this malware!

#CyberSecurity #ITSecurity #InfoSec #BlueTeam #ThreatIntel #ThreatHunting #ThreatDetection #HappyHunting

#apt #kimsuky #malware #cybersecurity #itsecurity #infosec #blueteam #threatintel #threathunting #ThreatDetection #happyhunting

Last updated 1 year ago

Original post

macfranc · @macfranc

386 followers · 1031 posts · Server poliversity.it

NSA e FBI: gli hacker di Kimsuky si atteggiano a giornalisti per rubare informazioni

@giornalismo

Secondo #CIA e #FBI il gruppo hacker nordcoreano #Kimsuky sponsorizzato dallo stato (alias APT43) ha impersonato giornalisti e accademici per campagne di spear phishing per raccogliere informazioni da think tank, centri di ricerca, istituzioni accademiche e varie organizzazioni dei media.

Di Bill Toulas per #BleepingComputer

https://www.bleepingcomputer.com/news/security/nsa-and-fbi-kimsuky-hackers-pose-as-journalists-to-steal-intel/

#cia #fbi #kimsuky #bleepingcomputer

Last updated 1 year ago

Original post

Just Another Blue Teamer · @LeeArchinal

75 followers · 127 posts · Server ioc.exchange

Happy Wednesday all, we are almost to the weekend!

The #APT #Kimsuky is at it again with a new campaign that is using custom malware as part of their reconnaissance. The SentinelOne Labs team is tracking the current campaign and provides the technical details they have observed! Enjoy and Happy Hunting!

Kimsuky | Ongoing Campaign Using Tailored Reconnaissance Toolkit
https://www.sentinelone.com/labs/kimsuky-ongoing-campaign-using-tailored-reconnaissance-toolkit/

I am going to do something a bit different this time: I am going to leave a behavior blank. Leave a comment to see if you can figure out which one it is!

Notable MITRE ATT&CK TTPs:
TA0001 - Initial Access
T1566.001 - Phishing: Spearphishing Attachment

TA0002 - Execution
T1204.002 - User Execution: Malicious File

TA0005 - Defense Evasion
T1140 - Deobfuscate/Decode Files or Information
T1112 - Modify Registry

TA0003 - Persistence:
T[Fill in the blank!] -

I am excited to see what you all think!

#CyberSecurity #ITSecurity #InfoSec #BlueTeam #ThreatIntel #ThreatHunting #ThreatDetection #HappyHunting

#apt #kimsuky #cybersecurity #itsecurity #infosec #blueteam #threatintel #threathunting #ThreatDetection #happyhunting

Last updated 1 year ago

Original post

Nils Weisensee · @nw

534 followers · 628 posts · Server ioc.exchange

North Korean hackers target defectors and journalists with new recon malware:

https://www.nknews.org/pro/north-korean-hackers-target-defectors-and-journalists-with-new-recon-malware/

#northkorea #cybersecurity #kimsuky #dprk #malware

Last updated 1 year ago

Original post