"FortiGuard Labs Outbreak Alerts Annual Report 2023: A Glimpse into the Evolving Threat Landscape" published by Fortinet. #Trend, #LabyrinthChollima, #Andariel, #DiamondSleet, #CTI, #OSINT, #LAZARUS https://www.fortinet.com/blog/threat-research/fortiguard-labs-outbreak-alerts-report-2023
"JetBrains TeamCity Compromised: North Korea and Russia Target High-Value Supply Chain Links" published by Checkmarx. #CyberLink, #CVE-2023-42793, #DiamondSleet, #CTI, #OSINT, #LAZARUS https://medium.com/checkmarx-security/jetbrains-teamcity-compromised-north-korea-and-russia-target-high-value-supply-chain-links-a057379d3bd2
Global Impact: Microsoft Reveals North Korean CyberLink Attack Affecting Devices Worldwide

Microsoft has uncovered a supply chain attack orchestrated by North Korean hackers, targeting a legitimate photo and video editing application installer. In a blog post on Wednesday, Microsoft Thre…

CyberSec84 | Cybersecurity news.
Diamond Sleet supply chain compromise distributes a modified CyberLink installer | Microsoft Security Blog

Microsoft has uncovered a supply chain attack by the threat actor Diamond Sleet (ZINC) involving a malicious variant of an application developed by CyberLink Corp. This malicious file is a legitimate CyberLink application installer that has been modified to include malicious code that downloads, decrypts, and loads a second-stage payload. The file, which was signed using a valid certificate issued to CyberLink Corp., is hosted on legitimate update infrastructure owned by the organization.

Microsoft Security Blog
"Multiple North Korean threat actors exploiting the TeamCity CVE-2023-42793 vulnerability" published by Microsoft. #CVE-2023-42793, #OnyxSleet, #DiamondSleet, #CTI, #OSINT, #LAZARUS https://www.microsoft.com/en-us/security/blog/2023/10/18/multiple-north-korean-threat-actors-exploiting-the-teamcity-cve-2023-42793-vulnerability/
Multiple North Korean threat actors exploiting the TeamCity CVE-2023-42793 vulnerability | Microsoft Security Blog

Since early October 2023, Microsoft has observed North Korean nation-state threat actors Diamond Sleet and Onyx Sleet exploiting the JetBrains TeamCity CVE-2023-42793 remote-code execution vulnerability. Given supply chain attacks carried out by these threat actors in the past, Microsoft assesses that this activity poses a particularly high risk to organizations who are affected.

Microsoft Security Blog
3CX Breach Was a Double Supply Chain Compromise – Krebs on Security
