Operation SyncHole: Lazarus APT goes back to the well

Kaspersky GReAT experts uncovered a new campaign by Lazarus APT that exploits vulnerabilities in South Korean software products and uses a watering hole approach.

Kaspersky

"🚨 Lazarus Strikes Again: A Deep Dive into Their Latest Campaign 🚨"

The Lazarus group, known for its relentless cyber-espionage campaigns, has unveiled a new wave of attacks. This time, they compromised a software vendor through unpatched legitimate software. Despite available patches, many systems continued using the flawed software, making them easy prey for Lazarus. 🛡️💻

The group's modus operandi involved exploiting these software vulnerabilities and then deploying the SIGNBT malware using a DLL side-loading technique. This malware, SIGNBT, communicates with its C2 server and has a unique identifier, making it a signature Lazarus tool. Moreover, the group also deployed LPEClient, a tool previously seen in attacks on defense contractors and the cryptocurrency sector. 🌐🔗

Lazarus's tactics have evolved, now exploiting high-profile software vulnerabilities to spread their malware efficiently. Their targets span across industries, emphasizing their adaptability and determination. 🎯🌍

Source: Securelist - Unveiling Lazarus' New Campaign

Tags: #Lazarus #CyberSecurity #APT #SIGNBT #LPEClient #SoftwareVulnerability #CyberEspionage 🕵️‍♂️🔍🔐

MITRE ATT&CK - Lazarus

A cascade of compromise: unveiling Lazarus’ new campaign

We unveil a Lazarus campaign exploiting security company products and examine its intricate connections with other campaigns

Kaspersky
"A cascade of compromise: unveiling Lazarus' new campaign" published by Kaspersky. #LPEClient, #SIGNBT, #CTI, #OSINT, #LAZARUS https://securelist.com/unveiling-lazarus-new-campaign/110888/