An unsettlingly lifelike Google Search "malvertising" campaign was misusing Google ads. (Photo : ISSOUF SANOGO/AFP via Getty Images) Malwarebytes, a cybersecurity company, revealed on Thursday that it had found a "major" malvertising campaign that was misusing Google ads.
Threat actors already are exploiting vulnerability, dubbed ‘Follina’ and originally identified back in April, to target organizations in Russia and Tibet, researchers said.
North Korean-backed hacking group Lazarus has added the Windows Update client to its list of living-off-the-land binaries (LoLBins) and is now actively using it to execute malicious code on Windows systems.
Fake Kaseya VSA Security Update Drops Cobalt Strike threatpost.com - get the latest breaking news, showbiz & celebrity photos, sport news & rumours, viral videos and top stories from threatpost.com Daily Mail and Mail on Sunday newspapers.
APT Group Kimsuky Has New Attack Technique, Researchers Say
Compliance
@prajeetspeaks) • June 9, 2021 Get Permission
Researchers at Malwarebytes have uncovered the latest tactics, techniques and procedures used by the North Korean threat group Kimsuky, also known as Thallium, Black Banshee and Velvet Chollima, as it continues to launch espionage attacks. This time it is using an AppleSeed backdoor.
The Kimsuky group, which has been active since 2012, primarily focuses on government entities in South Korea, but also conducts espionage campaigns against targets in the U.S. and Japan.
The Malwarebytes Threat Intelligence team has been monitoring Kimsuky activities and was able to spot its phishing websites, malicious documents and scripts used to target high-profile people within the government of South Korea.