Bytes Europe<p>North Korean fake IT workers targeting European firms <a href="https://www.byteseu.com/887362/" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="">byteseu.com/887362/</span><span class="invisible"></span></a> <a href="https://pubeurope.com/tags/Conflicts" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Conflicts</span></a> <a href="https://pubeurope.com/tags/DataTheft" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>DataTheft</span></a> <a href="https://pubeurope.com/tags/FakeITWorkers" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>FakeITWorkers</span></a> <a href="https://pubeurope.com/tags/GoogleThreatIntelligenceGroup" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>GoogleThreatIntelligenceGroup</span></a> <a href="https://pubeurope.com/tags/NorthKorea" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>NorthKorea</span></a> <a href="https://pubeurope.com/tags/StateSponsoredCyberAttacks" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>StateSponsoredCyberAttacks</span></a> <a href="https://pubeurope.com/tags/ThreatActors" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>ThreatActors</span></a> <a href="https://pubeurope.com/tags/ThreatIntelligence" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>ThreatIntelligence</span></a></p>
Recent searches
No recent searches
Search options
Only available when logged in.
social.tchncs.de is one of the many independent Mastodon servers you can use to participate in the fediverse.
A friendly server from Germany – which tends to attract techy people, but welcomes everybody. This is one of the oldest Mastodon instances.
Administered by:
Server stats:
3.8Kactive users
social.tchncs.de: About · Profiles directory · Privacy policy
Mastodon: About · Get the app · Keyboard shortcuts · View source code · v4.3.7
#statesponsoredcyberattacks
1 post · 1 participant · 0 posts today
🛡 H3lium@infosec.exchange/:~# :blinking_cursor:<p>"🚨 Lazarus Group Unleashes CollectionRAT in Sophisticated Campaigns 🚨"</p><p>Lazarus Group, a North Korean state-sponsored actor, has been utilizing infrastructure reuse to launch sophisticated cyber attacks. Their latest campaign exploits CVE-2022-47966, a vulnerability in ManageEngine ServiceDesk, to deploy multiple threats including a new malware, CollectionRAT. This RAT showcases capabilities such as executing arbitrary commands and managing files on infected systems. Intriguingly, Lazarus Group is increasingly leveraging open-source tools like the DeimosC2 framework, marking a strategic shift in their attack methodologies. CollectionRAT, along with other tools like the malicious PuTTY Link (Plink), indicates a refined approach in their cyber warfare tactics.</p><p>Details: <a href="https://blog.talosintelligence.com/lazarus-collectionrat/" rel="nofollow noopener noreferrer" target="_blank">Cisco Talos Blog</a></p><p>Authors: Asheer Malhotra, Vitor Ventura, Jungsoo An</p><p>Tags: <a href="https://infosec.exchange/tags/Cybersecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Cybersecurity</span></a> <a href="https://infosec.exchange/tags/LazarusGroup" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>LazarusGroup</span></a> <a href="https://infosec.exchange/tags/APT" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>APT</span></a> <a href="https://infosec.exchange/tags/CollectionRAT" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>CollectionRAT</span></a> <a href="https://infosec.exchange/tags/DeimosC2" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>DeimosC2</span></a> <a href="https://infosec.exchange/tags/CVE202247966" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>CVE202247966</span></a> <a href="https://infosec.exchange/tags/ManageEngine" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>ManageEngine</span></a> <a href="https://infosec.exchange/tags/Plink" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Plink</span></a> <a href="https://infosec.exchange/tags/NorthKorea" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>NorthKorea</span></a> <a href="https://infosec.exchange/tags/StateSponsoredCyberAttacks" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>StateSponsoredCyberAttacks</span></a> 💻🌍🔐</p><p><a href="https://attack.mitre.org/groups/G0032/" rel="nofollow noopener noreferrer" target="_blank">Mitre - Lazarus Group</a></p>
ExploreLive feeds
Mastodon is the best way to keep up with what's happening.
Follow anyone across the fediverse and see it all in chronological order. No algorithms, ads, or clickbait in sight.
Create accountLoginDrag & drop to upload