Mastodawn

lazarusholic Dec 28, 2024

"Analysis of Attack Cases Against Korean Solutions by the Andariel Group (SmallTiger)" published by Ahnlab. #Andariel, #SmallTiger, #DPRK, #CTI https://asec.ahnlab.com/en/85400/

Analysis of Attack Cases Against Korean Solutions by the Andariel Group (SmallTiger) - ASEC

The Andariel group has been attacking various software used by South Korean companies since the past [1]. Notably, these include asset management solutions and data loss prevention (DLP) solutions, and vulnerability attack cases have also been identified in various other solutions. Attack cases by the Andariel group are continuing in the second half of […]

ASEC

lazarusholic Dec 23, 2024

"Andariel 그룹의 국내 솔루션 대상 공격 사례 분석 (SmallTiger)" published by Ahnlab. #Andariel, #SmallTiger, #DPRK, #CTI https://asec.ahnlab.com/ko/85270/

Andariel 그룹의 국내 솔루션 대상 공격 사례 분석 (SmallTiger) - ASEC

Andariel 그룹은 과거부터 국내 기업들에서 사용하는 다양한 소프트웨어들을 공격해 왔다. [1] 대표적으로 자산 관리 솔루션, 정보 유출 방지 (DLP) 솔루션 등이 있으며 이외에도 다양한 솔루션들에 대한 취약점 공격 사례도 확인된다. 2024년 하반기에도 Andariel 그룹의 공격 사례는 지속되고 있으며 주로 SmallTiger를 설치하고 있다. [2] 악용 대상 소프트웨어로는 수년 전부터 악용 중인 국내 자산 관리 솔루션이 […]

ASEC

lazarusholic Oct 8, 2024

"APT and financial attacks on industrial organizations in Q2 2024" published by Kaspersky. #Andariel, #Kimsuky, #LilacSquid, #MoonstoneSleet, #SmallTiger, #Trend, #Xctdoor, #DPRK, #CTI https://ics-cert.kaspersky.com/publications/reports/2024/10/03/apt-and-financial-attacks-on-industrial-organizations-in-q2-2024/

APT and financial attacks on industrial organizations in Q2 2024 | Kaspersky ICS CERT

This summary provides an overview of the reports of APT and financial attacks on industrial enterprises that were disclosed in Q2 2024, as well as the related activities of groups that have been observed attacking industrial organizations and critical infrastructure facilities.

Kaspersky ICS CERT | Kaspersky Industrial Control Systems Cyber Emergency Response Team

lazarusholic Jul 27, 2024

"Onyx Sleet uses array of malware to gather intelligence for North Korea" published by Microsoft. #LightHand, #OnyxSleet, #TigerRAT, #SmallTiger, #BlackRAT, #ValidAlpha, #CTI, #OSINT, #LAZARUS https://www.microsoft.com/en-us/security/blog/2024/07/25/onyx-sleet-uses-array-of-malware-to-gather-intelligence-for-north-korea/

Onyx Sleet uses array of malware to gather intelligence for North Korea | Microsoft Security Blog

On July 25, 2024, the United States Department of Justice (DOJ) indicted an individual linked to the North Korean threat actor that Microsoft tracks as Onyx Sleet. Microsoft Threat Intelligence collaborated with the Federal Bureau of Investigation (FBI) in tracking activity associated with Onyx Sleet. We will continue to closely monitor Onyx Sleet’s activity to assess changes following the indictment.

Microsoft Security Blog

lazarusholic Jun 11, 2024

"SmallTiger Malware Used Against South Korean Businesses (Kimsuky and Andariel)" published by Ahnlab. #Kimsuky, #Andariel, #DurianBeacon, #SmallTiger, #CTI, #OSINT, #LAZARUS https://asec.ahnlab.com/en/66546/

SmallTiger Malware Used Against South Korean Businesses (Kimsuky and Andariel) - ASEC BLOG

AhnLab Security Emergency response Center

ASEC BLOG

lazarusholic May 27, 2024

"국내 기업 대상 공격에 사용 중인 SmallTiger 악성코드 (Kimsuky, Andariel 그룹)" published by Ahnlab. #Kimsuky, #Andariel, #DurianBeacon, #SmallTiger, #CTI, #OSINT, #LAZARUS https://asec.ahnlab.com/ko/65918/

국내 기업 대상 공격에 사용 중인 SmallTiger 악성코드 (Kimsuky, Andariel 그룹) - ASEC BLOG

AhnLab Security Emergency response Center

ASEC BLOG