lazarusholicJan 4, 2024
"100DaysofYARA - SpectralBlur" published by GregLesewich. #KANDYKORN, #TA444, #YARA, #CTI, #OSINT, #LAZARUS https://g-les.github.io/yara/2024/01/03/100DaysofYARA_SpectralBlur.html
100DaysofYARA - SpectralBlur

100DaysofYARA - SpectralBlur

A Clever Blog Name by Greg Lesnewich
Selena LarsonFeb 21, 2023
New episode of DISCARDED with @glesnewich talking all things #TA444, DPRK's weird crypto heisters with a startup vibe.
Apple: https://podcasts.apple.com/us/podcast/discarded-tales-from-the-threat-research-trenches/id1612506550?i=1000600936288
Spotify: https://open.spotify.com/episode/012uqBngPQkxuVyVufoySx?si=vJmEdTlVThuq3Fsm88exYQ
Google: https://podcasts.google.com/feed/aHR0cHM6Ly93d3cuc3ByZWFrZXIuY29tL3Nob3cvNTc0NTQzMS9lcGlzb2Rlcy9mZWVk/episode/aHR0cHM6Ly9hcGkuc3ByZWFrZXIuY29tL2VwaXNvZGUvNTI4MDMwNTk?sa=X&ved=0CAUQkfYCahcKEwiQheTXyqf9AhUAAAAAHQAAAAAQCg
Web: https://www.proofpoint.com/us/podcasts/discarded#124411
‎DISCARDED: Tales From the Threat Research Trenches: A Venture Mindset: North Korean Actors Go Beyond Espionage on Apple Podcasts

‎Show DISCARDED: Tales From the Threat Research Trenches, Ep A Venture Mindset: North Korean Actors Go Beyond Espionage - Feb 21, 2023

Apple Podcasts
Julian-Ferdinand VögeleJan 25, 2023
Interesting (and fun) report by @glesnewich on North Korean state-sponsored, money-making threat actor #TA444 (oberlapping with Chollima, APT38, Bluenoroff, etc.): https://www.proofpoint.com/us/blog/threat-insight/ta444-apt-startup-aimed-at-your-funds
TA444: The APT Startup Aimed at Acquisition (of Your Funds) | Proofpoint US

Proofpoint
securityaffairsJan 25, 2023
North Korea-linked #TA444 group turns to credential harvesting activity
https://securityaffairs.com/141325/apt/ta444-turns-credential-harvesting-activity.html
#securityaffairs #hacking #malware
North Korea-linked TA444 group turns to credential harvesting activity

North Korea-linked TA444 group is behind a credential harvesting campaign targeting a number of industry verticals. Proofpoint researchers reported that North Korea-linked TA444 APT group (aka APT38, BlueNoroff, Copernicium, and Stardust Chollima) is behind a credential harvesting campaign targeting a number of industry verticals. APT38 appears to be a North Korea-linked group separate from the infamous Lazarus group, […]

Security Affairs