Mr.Trunk · @mrtrunk
6 followers · 11793 posts · Server dromedary.seedoubleyou.me

Asec: Distribution of Malware Disguised as Coin and Investment-related Content asec.ahnlab.com/en/55944/

#malwareinformation #coinexchange #kimsuky #doc

Last updated 1 year ago

Redhotcyber · @redhotcyber
515 followers · 1314 posts · Server mastodon.bida.im

North Korean Hackers Against North Korean Media. In Search of Information on the Nuclear Program

The North Korean hacker group has targeted business and North Korean as part of a campaign to collect , even resorting to the theft of on subscriptions for the that cover the country.

The findings are from , following a warning from the that Kimsuky is using social and to attack think tanks, and .

redhotcyber.com/post/hacker-no

#kimsuky #esperti #media #informazioni #Notiziari #sentinelone #nsa #ingegneria #malware #scienziati #redhotcyber #informationsecurity #ethicalhacking #dataprotection #hacking #cybersecurity #cybercrime #CyberSecurityAwareness #cybersecuritytraining #CyberSecurityNews #privacy #infosecurity

Last updated 1 year ago

Just Another Blue Teamer · @LeeArchinal
84 followers · 139 posts · Server ioc.exchange

The known as strikes again, this time targeting think tanks, academia, and media organizations with a social engineering. The goal? Stealing Google and subscription credentials of a news and analysis service that focuses on North Korea. Enjoy and Happy Hunting!

Link in the comments!

***This one is a little different. In this article, SentinelLabs mentioned ReconShark being used. Can you provide me with any TTPs that are associated with that ?***

TA0001 - Initial Access
T1566.002 - Phishing: Spearphishing Link
T1566.001 - Phishing: Spearphishing File

TA0002 - Execution
T1204.001 - User Execution: Malicious Link
T1204.002 - User Execution: Malicious File

TA0006 - Credential Access
T1056.003 - Input Capture: Web Portal Capture

ReconShark TTPs:
Here is your chance to shine! Let me know what TTPs are associated with this malware!

#apt #kimsuky #malware #cybersecurity #itsecurity #infosec #blueteam #threatintel #threathunting #ThreatDetection #happyhunting

Last updated 1 year ago

macfranc · @macfranc
386 followers · 1031 posts · Server poliversity.it

NSA and FBI: Kimsuky hackers pose as journalists to steal information

@giornalismo

According to and the state-sponsored North Korean hacker group (alias APT43) impersonated journalists and academics in spear-phishing campaigns to collect information from think tanks, research centers, academic institutions and various media organizations.

By Bill Toulas for

bleepingcomputer.com/news/secu

#cia #fbi #kimsuky #bleepingcomputer

Last updated 1 year ago

Just Another Blue Teamer · @LeeArchinal
75 followers · 127 posts · Server ioc.exchange

Happy Wednesday all, we are almost to the weekend!

The is at it again with a new campaign that is using custom malware as part of their reconnaissance. The SentinelOne Labs team is tracking the current campaign and provides the technical details they have observed! Enjoy and Happy Hunting!

Kimsuky | Ongoing Campaign Using Tailored Reconnaissance Toolkit
sentinelone.com/labs/kimsuky-o

I am going to do something a bit different this time: I am going to leave a behavior blank. Leave a comment to see if you can figure out which one it is!

Notable MITRE ATT&CK TTPs:
TA0001 - Initial Access
T1566.001 - Phishing: Spearphishing Attachment

TA0002 - Execution
T1204.002 - User Execution: Malicious File

TA0005 - Defense Evasion
T1140 - Deobfuscate/Decode Files or Information
T1112 - Modify Registry

TA0003 - Persistence:
T[Fill in the blank!] -

I am excited to see what you all think!

#apt #kimsuky #cybersecurity #itsecurity #infosec #blueteam #threatintel #threathunting #ThreatDetection #happyhunting

Last updated 1 year ago

Nils Weisensee · @nw
534 followers · 628 posts · Server ioc.exchange