
APT and financial attacks on industrial organizations in Q2 2024 | Kaspersky ICS CERT
This summary provides an overview of the reports of APT and financial attacks on industrial enterprises that were disclosed in Q2 2024, as well as the related activities of groups that have been observed attacking industrial organizations and critical infrastructure facilities.
Kaspersky ICS CERT | Kaspersky Industrial Control Systems Cyber Emergency Response Team
Everything You Need to Know About LilacSquid
Let’s look at the APT group LilacSquid, as well as recommendations on how organizations can protect themselves from this kind of threat actor.
Avertium
Researchers uncover #LilacSquid, a previously unknown cyber espionage group targeting #IT, energy, and pharmaceutical sectors in the U.S., Europe, and Asia since 2021.
https://thehackernews.com/2024/05/cyber-espionage-alert-lilacsquid.html
#infosec #cybersecurity

Cyber Espionage Alert: LilacSquid Targets IT, Energy, and Pharma Sectors
Cisco Talos uncovers a previously unknown cyber espionage group targeting organizations in the U.S., Europe, and Asia since 2021.
The Hacker News
LilacSquid: The stealthy trilogy of PurpleInk, InkBox and InkLoader
Cisco Talos is disclosing a new suspected data theft campaign, active since at least 2021, we attribute to an advanced persistent threat actor (APT) we’re calling “LilacSquid.”
Multiple TTPs utilized in this campaign bear some overlap with North Korean APT groups.
Cisco Talos Blog
LilacSquid APT targeted orgs in the U.S., Europe, and Asia
A previously undocumented APT group tracked as LilacSquid targeted organizations in the U.S., Europe, and Asia since at least 2021.
Security Affairs
"LilacSquid: The stealthy trilogy of PurpleInk, InkBox and InkLoader" published by CiscoTalos.
#InkBox, #InkLoader, #LilacSquid, #MeshAgent, #UAT-4820, #PurpleInk, #QuasarRAT, #CTI, #OSINT, #LAZARUS
https://blog.talosintelligence.com/lilacsquid/
A new threat actor known as #LilacSquid is using several different pieces of #malware to silently infiltrate networks and steal sensitive data. Read more about this group and the TTPs they share with some North Korean state-sponsored actors
https://blog.talosintelligence.com/lilacsquid/