CISA issues alert with South Korean government about DPRK’s ransomware antics

Categories: News

Categories: Ransomware

Tags: CISA

Tags: ransomware

Tags: Democratic People’s Republic of Korea

Tags: DPRK

Tags: North Korea

Tags: WannaCry

Tags: EternalBlue

Tags: Lazarus Group

Tags: APT

Tags: Magniber

Tags: Magnitude exploit kit

Tags: exploit kit

Tags: EK

Tags: Andariel

Tags: Silent Chollima

Tags: Stonefly

Tags: Maui

Tags: H0lyGh0st

Tags: PLUTONIUM

Tags: Conti

The tactics of North Korean-sponsored ransomware cyberattacks against the healthcare sector and other vital infrastructure are highlighted in the latest #StopRansomware alert.

(Read more…)

The post CISA issues alert with South Korean government about DPRK’s ransomware antics appeared first on Malwarebytes Labs.

Read more

Winnti APT group docks in Sri Lanka for new campaign

Categories: Threat Intelligence

Tags: Winnti

Tags: APT

Tags: China

Tags: Sri Lanka

Tags: India

Tags: Keyplug

Tags: malware

Tags: dropbox

Tags: C2

Tags: DBoxAgent

In this research paper, we document a new campaign we attribute to the Winnti APT group. The victims are located in Sri Lanka at a point in time where the country is going through economic hardship while China makes headlines for docking on of its special vessels there.

(Read more…)

The post Winnti APT group docks in Sri Lanka for new campaign appeared first on Malwarebytes Labs.

Read more

Chinese APT’s favorite vulnerabilities revealed

Categories: Exploits and vulnerabilities

Categories: News

Tags: Chinese APT

Tags: advanced persistent threat

Tags: APT

Tags: CISA

Tags: NSA

Tags: FBI

Tags: security advisory

CISA, the NSA and the FBI have compiled a list of the vulnerabilities targeted by state-sponsorted threat actors from China.

(Read more…)

The post Chinese APT’s favorite vulnerabilities revealed appeared first on Malwarebytes Labs.

Read more