April 2025 APT Group Trends

Trends of major APT groups by country. 1) North Korea: Since November 2024, the North Korean APT group has been exploiting the vulnerability of South Korean Internet financial security software. Similar attacks have been carried out in the past, and the threat actors have been launching attacks

Analysis of Lazarus Group’s Attack on Windows Web Servers

AhnLab SEcurity intelligence Center (ASEC) has identified attack cases of the Lazarus group breaching a normal server and using it as a C2. Attacks that install a web shell and C2 script on South Korean web servers continue to occur. Additionally, there are cases where LazarLoader malware and privilege escalation

Threat Trend Report on APT Groups

The following are the main APT groups and their cases based on the analysis reports released by security companies and organizations in January 2025. 1. Andariel: The Andariel group has executed an attack using the RID Hijacking technique to escalate account privileges and create hidden accounts.[1] RID Hijacking

APT Group Trends in October 2024

The following are the main APT groups and their cases based on the analysis reports released by security companies and organizations in October 2024. 1. Andariel: Symantec’s Threat Hunter Team has found evidence that the Andariel group is launching financially motivated attacks against companies in the United

Threat Trend Report on APT Groups – July 2024 Major Issues on APT Groups

Purpose and Scope: This report covers nation-led threat groups presumed to conduct cyber espionage or sabotage under the support of the governments of certain countries, referred to as “Advanced Persistent Threat (APT) groups” for the sake of convenience. Therefore, this report does not contain information on cybercriminal groups aiming

Threat Trend Report on APT Groups – May 2024 Major Issues on APT Groups

The cases of major APT groups for May 2024 gathered from materials made public by security companies and institutions are as follows. 1. Andariel: AhnLab SEcurity intelligence Center (ASEC) has been sharing Andariel group’s various attack cases against Korea.[1] The Nestdoor backdoor that the Andariel group had used

Threat Trend Report on APT Groups – April 2024 Major Issues on APT Groups

The cases of major APT groups for April 2024 gathered from materials made public by security companies and institutions are as follows. 1) APT28 (Forest Blizzard): Microsoft Threat Intelligence released the results of the investigation on the activities of APT28, a Russia-based threat actor.[1] This group has been

Threat Trend Report on APT Groups – February 2024 Major Issues on APT Groups

The cases of major APT groups for February 2024 gathered from materials made public by security companies and institutions are as follows. 1) APT28: In January 2024, the United States government said it had shut down a botnet from the APT28 group suspected to be operated by the Main

Threat Trend Report on APT Groups – January 2024 Major Issues on APT Groups

1) APT28: Trend Micro revealed that the APT28 (Forest Blizzard, Pawn Storm) group executed NetNTLMv2 hash relay attacks exploiting the Outlook vulnerability (CVE-2023-23397) from April 2022 to November 2023 across various regions worldwide.[1] The group targeted diplomatic, energy, national defense, transportation, labor, social welfare, financial, local council,

2023 Dec. – Threat Trend Report on APT Groups

The cases of major APT groups for December 2023 gathered from materials made public by security companies and institutions are as follows. 1) Andariel: The Korean police announced that the Andariel group attacked 14 targets in Korea including companies in the defense industry, IT security companies, research centers, and