Threat Trend Report on APT Groups – May 2023 Posted By ahnlabti , July 7, 2023 The cases of major APT groups for May 2023 gathered from materials made public by security companies and institutions are as follows. – Agrius – Andariel – APT28 – APT29 – APT-C-36 (Blind Eagle) – Camaro Dragon – CloudWizard – Earth Longzhi (APT41) – GoldenJackal – Kimsuky – Lazarus – Lancefly – OilAlpha – Red Eyes (APT37, ScarCruft) – SideCopy – SideWinder – Transparent Tribe (APT36) – Volt Typhoon (Bronze Silhouette) ATIP_2023_May_Threat Trend Report on APT Groups
CVE Trend Report – May 2023 Posted By ahnlabti , July 7, 2023 Following the recent abuse of vulnerabilities in various malware distributions and attacks, it is becoming more crucial to detect said information early on. Zero-day and other various vulnerabilities are typically spread faster through social networks. Based on the information collected through in-house infrastructure, trends on vulnerabilities currently in the spotlight are provided through ATIP services. Additionally, ATIP offers information on said vulnerabilities’ characteristics and countermeasures through related News Clippings, ASEC Notes, analysis reports, security advisories, and more. This report introduces…
Threat Trend Report on Ransomware – May 2023 Posted By ahnlabti , July 7, 2023 This report provides statistics on new ransomware samples, attacked systems, and targeted businesses in May 2023, as well as notable ransomware issues in Korea and other countries. Other major issues and statistics for ransomware that are not mentioned in the report can be found by searching for the following keywords or via the Statistics menu at AhnLab Threat Intelligence Platform (ATIP). – Ransomware – Statistics by Type The number of ransomware samples and targeted systems are based on the detection…
Threat Trend Report on Kimsuky – May 2023 Posted By ahnlabti , July 7, 2023 The Kimsuky group’s activities in May 2023 had increased slightly in comparison to their activities in April. Also, new top-level domains (TLDs) have begun to be detected, and there were small changes to the codes. Figure 1. FQDN statistics by attack type in the last 3 months (Unit: each) ATIP_2023_May_Threat Trend Report on Kimsuky Group
Distribution of NetSupport Malware Using Email Posted By ohmintaek , July 7, 2023 NetSupport RAT is being used by various threat actors. These are distributed through spam emails and phishing pages disguised as documents such as Invoices, shipment documents, and PO (purchase orders). Distribution via phishing pages has been covered on this Blog in the past. [1] AhnLab Security Emergency response Center(ASEC) discovered NetSupport RAT being distributed via a spear phishing email that has recently been in circulation. This post will cover the action flow from its distribution via phishing emails and its…
