lazarusholic

Everyday is lazarus.dayβ

Lazarus aka Hidden Cobra APT Group – Active IOCs

2024-11-15, Rewterz
https://www.rewterz.com/threat-advisory/lazarus-aka-hidden-cobra-apt-group-active-iocs-37279
#Lazarus

Contents

Severity
High
Analysis Summary
Lazarus APT is one of North Korea's most sophisticated threat actors and has been operating since at least 2009. Initially, the group concentrated on South Korea. It has recently shifted its focus to worldwide targets and begun initiating attacks for monetary gain. This actor has been linked to attacks in South Korea, the United States, Japan, and several other nations. Lazarus APT is suspected of being behind several diverse efforts, including cyber espionage and attacks on financial institutions, government agencies, and the military.
The Lazarus group has been known to use a variety of tactics, techniques, and procedures (TTPs) in its operations, including spear-phishing, malware, and …

IoC
