lazarusholic
@lazarusholic.bsky.social
a big fan of lazarus. https://lazarus.day
"EtherRAT: DPRK uses novel Ethereum implant in React2Shell attacks" published by Sysdig. #CVE-2025-55182, #EtherRAT, #React2Shell, #DPRK, #CTI https://www.sysdig.com/blog/etherrat-dprk-uses-novel-ethereum-implant-in-react2shell-attacks
December 9, 2025 at 1:30 PM
"Hunting For North Korean Fiber Optic Cables" published by NKInternet. #DPRK, #CTI https://nkinternet.com/2025/12/08/hunting-for-north-korean-fiber-optic-cables/
December 9, 2025 at 1:30 PM
"Exclusive Look Inside a Compromised North Korean APT Machine Linked to The Biggest Heist in History" published by HudsonRock. #Bybit, #Lazarus, #DPRK, #CTI https://www.hudsonrock.com/blog/5692
December 5, 2025 at 1:30 PM
"How We Caught Lazarus's IT Workers Scheme Live on Camera" published by AnyRun. #ITWorker, #FamousChollima, #DPRK, #CTI https://any.run/cybersecurity-blog/lazarus-group-it-workers-investigation/
December 4, 2025 at 5:30 PM
"North Korean hackers are pushing fake Microsoft Teams Update to macOS users" published by Moonlock. #macOS, #DPRK, #CTI https://archive.md/8xDxT
December 4, 2025 at 3:30 PM
"Latest Contagious Interview malware campaign abuses Microsoft VSCode Tasks" published by OSM. #ContagiousInterview, #Lazarus, #DPRK, #CTI https://opensourcemalware.com/blog/contagious-interview-vscode
December 3, 2025 at 3:30 PM
".hta 파일로 유포중인 KimJongRAT 주의!" published by ESTSecurity. #KimjongRAT, #Kimsuky, #DPRK, #CTI https://blog.alyac.co.kr/5682
December 1, 2025 at 1:30 PM
"Unmasking a new DPRK Front Company DredSoftLabs" published by Wickeren. #Wagemole, #DPRK, #CTI https://medium.com/@meeswicky1100/unmasking-a-new-dprk-front-company-dredsoftlabs-bf9ed544d690
November 30, 2025 at 1:30 PM
"Inside the GitHub Infrastructure Powering North Korea’s Contagious Interview npm Attacks" published by Socket. #ContagiousInterview, #NPM, #OtterCookie, #DPRK, #CTI https://socket.dev/blog/north-korea-contagious-interview-npm-attacks
November 27, 2025 at 1:30 PM
"FlexibleFerret: macOS Malware Deploys in Fake Job Scams" published by Jamf. #FlexibleFerret, #ContagiousInterview, #DPRK, #CTI https://www.jamf.com/blog/flexibleferret-malware-continues-to-adapt/
November 25, 2025 at 11:30 PM
"A Tsunami Sweeping the Cyber Battlefield Analysis of SectorA01’s Hacking Activities" published by NSHC. #SectorA01, #Tsunami, #DPRK, #CTI https://medium.com/@nshcthreatrecon/a-tsunami-sweeping-the-cyber-battlefield-analysis-of-sectora01s-hacking-activities-e4d006baae2f
November 25, 2025 at 1:30 PM
"Alliances of convenience: How APTs are beginning to work together" published by GenDigital. #InvisibleFerret, #Lazarus, #DPRK, #CTI https://www.gendigital.com/blog/insights/research/apt-cyber-alliances-2025
November 25, 2025 at 1:30 PM
"DPRK Contagious Interview Lure - Go Backdoor & Swift App" published by L0Psec. #ContagiousInterview, #Youtube, #DPRK, #CTI https://www.youtube.com/watch?v=VdW_e72cQw8
November 24, 2025 at 1:30 PM
"More active DPRK macOS malware "Contagious Interview"" published by L0Psec. #ContagiousInterview, #DPRK, #CTI https://archive.md/GuCHv
November 23, 2025 at 1:30 PM
"疑似APT-C-26(Lazarus)组织利用远程IT伪装部署监控程序的攻击行动分析" published by Qihoo360. #APT-C-26, #DPRK, #CTI https://mp.weixin.qq.com/s?__biz=MzUyMjk4NzExMA==&mid=2247507568&idx=1&sn=af3ec0ff4685722c599eefa26925c842
November 23, 2025 at 1:30 PM
"Kimsuky's Ongoing Evolution of KimJongRAT and Expanding Threats" published by ENKI. #KimjongRAT, #Kimsuky, #DPRK, #CTI https://www.enki.co.kr/en/media-center/blog/kimsuky-s-ongoing-evolution-of-kimjongrat-and-expanding-threats
November 23, 2025 at 1:30 PM
"Kimsuky의 지속적인 KimJongRAT 변종 개발과 그 너머의 위협" published by ENKI. #KimjongRAT, #Kimsuky, #DPRK, #CTI https://www.enki.co.kr/media-center/blog/kimsuky-s-ongoing-evolution-of-kimjongrat-and-expanding-threats
November 23, 2025 at 1:30 PM
"Inside DPRK's Fake Job Platform Targeting U.S. AI Talent" published by Validin. #ClickFix, #ContagiousInterview, #DPRK, #CTI https://www.validin.com/blog/inside_dprk_fake_job_platform/
November 23, 2025 at 11:30 AM
"朝鲜APT双雄联手:Kimsuky 偷情报当 “眼睛”,Lazarus 盗币填 “钱袋”!" published by 紫队安全研究. #Kimsuky, #Lazarus, #DPRK, #CTI https://mp.weixin.qq.com/s/h4TCYVjdLALg4XfJr1jC0w
November 23, 2025 at 11:30 AM
"A Pain in the Mist: Navigating Operation DreamJob’s arsenal" published by OrangeCyberdefense. #DreamJob, #MISTPEN, #UNC2970, #DPRK, #CTI https://www.orangecyberdefense.com/global/blog/cert-news/a-pain-in-the-mist-navigating-operation-dreamjobs-arsenal
November 21, 2025 at 1:30 PM
"Nation-State Actor’s Arsenal: An In-Depth Look at Lazarus’ ScoringMathTea" published by 0x0d4y. #Lazarus, #ScoringMathTea, #DPRK, #CTI https://0x0d4y.blog/arsenal-analysis-of-a-nation-state-actor-an-in-depth-look-at-lazarus-scoringmathtea/
November 18, 2025 at 11:30 PM
"Inside The Shellcode Dissecting North Korean Apt43s Advanced Powershell Loader" published by Bloo. #APT43, #DPRK, #CTI https://bloo.io/blog/inside-the-shellcode-dissecting-north-korean-apt43s-advanced-powershell-loader
November 18, 2025 at 11:30 PM
"Nation-State Actor’s Arsenal: An In-Depth Look at Lazarus’ ScoringMathTea" published by 0x0d4y. #Lazarus, #ScoringMathTea, #DPRK, #CTI https://0x0d4y.blog/arsenal-analysis-of-a-nation-state-actor-an-in-depth-look-at-lazarus-scoringmathtea/
November 18, 2025 at 1:30 PM
"Inside The Shellcode Dissecting North Korean Apt43s Advanced Powershell Loader" published by Bloo. #APT43, #DPRK, #CTI https://bloo.io/blog/inside-the-shellcode-dissecting-north-korean-apt43s-advanced-powershell-loader
November 18, 2025 at 1:30 PM
November 17, 2025 at 11:30 PM