Andariel Hacking Group Shifts Focus to Financial Attacks on U.S. Organizations Oct 02, 2024Ravie LakshmananCyber Threat / Malware Three different organizations in the U.S. were targeted in August 2024 by a North Korean state-sponsored threat actor called Andariel as part of a likely financially motivated attack. “While the attackers didn’t Read more…
Muddled Libra Shifts Focus to SaaS and Cloud for Extortion and Data Theft Attacks The threat actor known as Muddled Libra has been observed actively targeting software-as-a-service (SaaS) applications and cloud service provider (CSP) environments in a bid to exfiltrate sensitive data. “Organizations often store a variety of data in SaaS applications Read more…
N. Korea-linked Kimsuky Shifts to Compiled HTML Help Files in Ongoing Cyberattacks The North Korea-linked threat actor known as Kimsuky (aka Black Banshee, Emerald Sleet, or Springtail) has been observed shifting its tactics, leveraging Compiled HTML Help (CHM) files as vectors to deliver malware for harvesting sensitive data. Kimsuky, active since at Read more…