Asec: Threat Trend Report on APT Groups – June 2023 https://asec.ahnlab.com/en/56195/ #CharmingKitten #StealthSoldier #CadetBlizzard #CamaroDragon #MustangPanda #MuddyWater #OceanLotus #SharpPanda #Gamaredon #Patchwork #Andariel #Ke3chang #Sidecopy #Kimsuky #Lazarus #RedEyes #trend #APT28
SecurityAffairs: N. Korean Kimsuky APT targets S. Korea-US military exercises https://securityaffairs.com/149698/apt/kimsuky-war-simulation-centre.html #informationsecuritynews #ITInformationSecurity #PierluigiPaganini #SecurityAffairs #Cyberespionage #BreakingNews #SecurityNews #hackingnews #NorthKorea #Hacking #Kimsuky #APT
Suspected N. Korean #Kimsuky Threat Actors Target S. Korea-US Drills with #spearphishing https://www.securityweek.com/suspected-n-korean-hackers-target-s-korea-us-drills/ @afpfr via @SecurityWeek
Asec: Distribution of Malware Disguised as Coin and Investment-related Content https://asec.ahnlab.com/en/55944/ #MalwareInformation #COINEXCHANGE #Kimsuky #doc
North Korean Hackers versus North Korean Media. In search of information on the nuclear program
The North Korean hacker group #Kimsuky has targeted #experts in North Korean affairs and #media as part of an #information-gathering campaign, even resorting to stealing subscription #information for #news outlets that cover the country.
The findings come from #SentinelOne and follow a warning from the #NSA that Kimsuky is using social #engineering and #malware to attack think tanks, #scientists and #media.
#redhotcyber #informationsecurity #ethicalhacking #dataprotection #hacking #cybersecurity #cybercrime #cybersecurityawareness #cybersecuritytraining #cybersecuritynews #privacy #infosecurity
The #APT known as #Kimsuky strikes again, this time targeting think tanks, academia, and media organizations with social engineering. The goal? Stealing Google and subscription credentials of a news and analysis service that focuses on North Korea. Enjoy and Happy Hunting!
Link in the comments!
***This one is a little different. In this article, SentinelLabs mentioned ReconShark being used. Can you provide me with any TTPs that are associated with that #malware?***
TA0001 - Initial Access
T1566.002 - Phishing: Spearphishing Link
T1566.001 - Phishing: Spearphishing File
TA0002 - Execution
T1204.001 - User Execution: Malicious Link
T1204.002 - User Execution: Malicious File
TA0006 - Credential Access
T1056.003 - Input Capture: Web Portal Capture
ReconShark TTPs:
Here is your chance to shine! Let me know what TTPs are associated with this malware!
#CyberSecurity #ITSecurity #InfoSec #BlueTeam #ThreatIntel #ThreatHunting #ThreatDetection #HappyHunting
NSA and FBI: Kimsuky hackers pose as journalists to steal information
According to the #CIA and #FBI, the state-sponsored North Korean hacker group #Kimsuky (aka APT43) has impersonated journalists and academics in spear-phishing campaigns to gather information from think tanks, research centers, academic institutions and various media organizations.
By Bill Toulas for #BleepingComputer
Happy Wednesday all, we are almost to the weekend!
The #APT #Kimsuky is at it again with a new campaign that is using custom malware as part of their reconnaissance. The SentinelOne Labs team is tracking the current campaign and provides the technical details they have observed! Enjoy and Happy Hunting!
Kimsuky | Ongoing Campaign Using Tailored Reconnaissance Toolkit
https://www.sentinelone.com/labs/kimsuky-ongoing-campaign-using-tailored-reconnaissance-toolkit/
I am going to do something a bit different this time: I am going to leave a behavior blank. Leave a comment to see if you can figure out which one it is!
Notable MITRE ATT&CK TTPs:
TA0001 - Initial Access
T1566.001 - Phishing: Spearphishing Attachment
TA0002 - Execution
T1204.002 - User Execution: Malicious File
TA0005 - Defense Evasion
T1140 - Deobfuscate/Decode Files or Information
T1112 - Modify Registry
TA0003 - Persistence:
T[Fill in the blank!] -
I am excited to see what you all think!
#CyberSecurity #ITSecurity #InfoSec #BlueTeam #ThreatIntel #ThreatHunting #ThreatDetection #HappyHunting
North Korean hackers target defectors and journalists with new recon malware:
#northkorea #cybersecurity #kimsuky #dprk #malware