Tag: dtrack

2 Attack Reports | 0 Vulnerabilities

Attack reports

Play Ransomware Engagement

Unit 42 has identified Jumpy Pisces, a North Korean state-sponsored threat group, as a key player in a recent ransomware incident. The group appears to be collaborating with the Play ransomware group, marking a shift in their tactics. This is the first observed instance of Jumpy Pisces using existi…
north korea
sliver
mimikatz
dtrack
2024-10-30
play
reconnaissance general bureau
initial access broker
korean people's army
fiddling scorpius
play ransomware
Published: October 30, 2024
Downloadable IOCs: 0

Array of malware used to gather intelligence for North Korea

Microsoft Threat Intelligence analyzes the activities of the North Korean threat actor Onyx Sleet, which conducts cyber espionage operations primarily targeting military, defense, and technology industries. The report covers Onyx Sleet's affiliations with other North Korean threat groups, its targe…
espionage
north korea
CVE-2021-44228
sliver
smalltiger
2024-07-29
dtrack
CVE-2023-27350
tigerrat
CVE-2023-42793
lighthand
validalpha
Published: July 29, 2024
Linked vulnerabilities : CVE-2023-42793, CVE-2021-44228, CVE-2023-46604, CVE-2023-22515, CVE-2023-27350
Downloadable IOCs: 24
Click here to see more Attack Reports