lazarus.day
#YARA
General
2017-11-14 • HIDDEN COBRA – North Korean Remote Administration Tool: FALLCHILL
33 Tagged Reports
23 Unique Authors
2,580 Active Days
Tagged Reports
2023-04-20
ESET
Linux malware strengthens links between Lazarus and the 3CX supply‑chain attack
#3CXDesktopApp
#SmoothOperator
#YARA
#DreamJob
#T1134.002
#T1090
#T1573.001
#T1497.003
#T1140
#T1027.009
#T1585.003
#T1070.004
#T1587.001
#T1041
#T1132.001
#T1608.001
#T1204.002
#T1562.003
#T1071.001
#T1083
#T1546.004
#T1593.001
#T1566.002
#T1584.001
2023-04-11
3CX
Security Update Mandiant Initial Results
#SupplyChain
#YARA
#UNC4736
#TAXHAUL
#3CXDesktopApp
#SmoothOperator
2023-03-30
Nextron Systems
YARA rule set related to the 3CX incident
#SupplyChain
#3CXDesktopApp
#SmoothOperator
#YARA
2023-03-30
Huntress
3CX VoIP Software Compromise & Supply Chain Threats
#SupplyChain
#3CXDesktopApp
#SmoothOperator
#YARA
2023-03-09
Mandiant
Stealing the LIGHTSHOW (Part One) — North Korea's UNC2970
#LIGHTSHOW
#UNC2970
#YARA
#BYOVD
#UNC577
2023-03-09
Mandiant
Stealing the LIGHTSHOW (Part Two) — LIGHTSHIFT and LIGHTSHOW
#YARA
#BYOVD
#UNC2970
#LIGHTSHIFT
#LIGHTSHOW
2023-01-18
Greg Lesewich
Writing Rules for Non-Objective C Malware
#YARA
#Dacls
#MATA
2023-01-16
Greg Lesewich
YARA-ing with MacOS
#YARA
#APT37
#CloudMensis
#RokRAT
2022-04-21
Stairwell
The ink-stained trail of GOLDBACKDOOR
#APT37
#GoldBackdoor
#YARA
2020-12-15
Hvs-consulting
Greetings from Lazarus
#YARA
#Lazarus
#Whitepaper
#T1005
#T1070.004
#T1566.001
#T1497
#T1068
#T1003.001
#T1204.002
#T1021.002
#T1039
#T1552.001
#T1560.001
#T1547.001
#T1135
#T1048
#T1071.001
#T1136.001
#T1087.002
2020-08-18
With Secure
Lazarus group Campaign Targeting The Cryptocurrency Vertical
#Cryptocurrency
#Whitepaper
#YARA
#Lazarus
#T1059.005
#T1566.003
#T1552.001
#T1543.003
#T1027.002
#T1059.003
#T1003.001
#T1021.005
#T1070.004
#T1053.005
#T1078.002
#T1055.002
#T1070.001
#T1071.001
#T1112
#T1547.005
#T1083
#T1218.005
#T1059.001
#T1021.001
2020-05-15
Malwarelab
In depth analysis of Lazarus validator
#YARA
#Lazarus
2018-02-15
Alienvault
North Korean Cyber-Attacks and Collateral Damage
#YARA
#Lazarus
#WannaCry
2018-02-02
Flashpoint-intel
Targeted Attacks Against South Korean Entities May Have Been as Early as November 2017
#CVE-2018-4878
#YARA
2018-01-08
Alienvault
A North Korean Monero Cryptocurrency Miner
#YARA
#Miner