lazarusholic
lazarusholic.bsky.social
a big fan of lazarus. https://lazarus.day
"Nation-State Actor’s Arsenal: An In-Depth Look at Lazarus’ ScoringMathTea" published by 0x0d4y. #Lazarus, #ScoringMathTea, #DPRK, #CTI https://0x0d4y.blog/arsenal-analysis-of-a-nation-state-actor-an-in-depth-look-at-lazarus-scoringmathtea/
November 18, 2025 at 11:30 PM
"Inside The Shellcode Dissecting North Korean Apt43s Advanced Powershell Loader" published by Bloo. #APT43, #DPRK, #CTI https://bloo.io/blog/inside-the-shellcode-dissecting-north-korean-apt43s-advanced-powershell-loader
November 18, 2025 at 11:30 PM
"Nation-State Actor’s Arsenal: An In-Depth Look at Lazarus’ ScoringMathTea" published by 0x0d4y. #Lazarus, #ScoringMathTea, #DPRK, #CTI https://0x0d4y.blog/arsenal-analysis-of-a-nation-state-actor-an-in-depth-look-at-lazarus-scoringmathtea/
November 18, 2025 at 1:30 PM
"Inside The Shellcode Dissecting North Korean Apt43s Advanced Powershell Loader" published by Bloo. #APT43, #DPRK, #CTI https://bloo.io/blog/inside-the-shellcode-dissecting-north-korean-apt43s-advanced-powershell-loader
November 18, 2025 at 1:30 PM
"Crypto giants moved billions linked to money launderers, drug traffickers and North Korean hackers" published by ICIJ. #MoneyLaundering, #News, #DPRK, #CTI https://www.icij.org/investigations/coin-laundry/cryptocurrency-exchanges-binance-okx-money-laundering-crime/
November 17, 2025 at 3:30 PM
"The Deepfake Threat: Chollima APT Group Uses AI Filters to Infiltrate Crypto and Web3 Companies" published by SOCRadar. #Deepfake, #FamousChollima, #DPRK, #CTI https://socradar.io/deepfake-threat-chollima-apt-group-uses-ai-crypto/
November 17, 2025 at 1:30 PM
"October 2025 APT Attack Trends Report (Domestic)" published by Ahnlab. #LNK, #Phishing, #Trend, #DPRK, #CTI https://asec.ahnlab.com/ko/91047/
November 17, 2025 at 1:30 PM
"Ukrainian Pleads Guilty in DC in Laptop Farm Scheme That Generated Income for North Korean IT Workers" published by USJustice. #ITWorker, #News, #DPRK, #CTI https://www.justice.gov/usao-dc/pr/ukrainian-pleads-guilty-dc-laptop-farm-scheme-generated-income-north-korean-it-workers
November 17, 2025 at 1:30 PM
"Malops Challenge 8: Reversing APT 37’s RokRaT Loader" published by callyso0414. #APT37, #RokRAT, #DPRK, #CTI https://medium.com/@callyso0414/malops-challenge-9-reversing-apt-37s-rokrat-loader-7f7ad49e4662
November 17, 2025 at 1:30 PM
"Tracking The Trackers Lessons From The Apt43 Kimsuky Takedown" published by Bloo. #APTDown, #Kimsuky, #DPRK, #CTI https://bloo.io/blog/tracking-the-trackers-lessons-from-the-apt43-kimsuky-takedown
November 17, 2025 at 1:30 PM
"Be KVM, Do Fraud" published by Wav3. #ITWorker, #PiKVM, #TinyPilot, #DPRK, #CTI https://wav3.io/be-kvm-do-fraud
November 15, 2025 at 1:30 PM
"Justice Department Announces Nationwide Actions to Combat Illicit North Korean Government Revenue Generation" published by USJustice. #APT38, #ITWorker, #News, #DPRK, #CTI https://www.justice.gov/opa/pr/justice-department-announces-nationwide-actions-combat-illicit-north-korean-government
November 15, 2025 at 1:30 PM
"Revisiting the Lazarus Operator: Mapping Park Jin Hyok’s Digital Footprint Using StealthMole" published by StealthMole. #APT38, #Lazarus, #DPRK, #CTI https://stealthmole-intelligence-hub.blogspot.com/2025/11/revisiting-lazarus-operator-mapping.html
November 15, 2025 at 1:30 PM
"Cross-Chain TxDataHiding Crypto Heist: A Very Chainful Process (Part 3)" published by RansomISAC. #EtherHiding, #FamousChollima, #DPRK, #CTI https://ransom-isac.org/blog/cross-chain-txdatahiding-crypto-heist/
November 15, 2025 at 1:30 PM
"Contagious Interview Actors Now Utilize JSON Storage Services for Malware Delivery" published by NVISO. #ContagiousInterview, #InvisibleFerret, #DPRK, #CTI https://blog.nviso.eu/2025/11/13/contagious-interview-actors-now-utilize-json-storage-services-for-malware-delivery/
November 13, 2025 at 1:30 PM
"October 2025 APT Group Trends Report" published by Ahnlab. #FamousChollima, #Larva-25004, #Trend, #DPRK, #CTI https://asec.ahnlab.com/ko/90993/
November 13, 2025 at 1:30 PM
"U.S. Sanctions DPRK Crypto Laundering Network: Multiple Bank Staff and Financial Institutions Affected" published by Slowmist. #ITWorker, #Sanctions, #DPRK, #CTI https://slowmist.medium.com/u-s-sanctions-north-koreas-crypto-laundering-network-multiple-bank-staff-and-financial-d78de50e6404
November 11, 2025 at 1:30 PM
"Monthly Threat Actor Group Intelligence Report, October 2025" published by NSHC. #SectorA, #Trend, #DPRK, #CTI https://medium.com/@nshcthreatrecon/monthly-threat-actor-group-intelligence-report-october-2025-6a3ac29592cb
November 10, 2025 at 1:30 PM
"From North Korean IT Workers to IT recruiters" published by SecurityAlliance. #ITWorker, #DPRK, #CTI https://radar.securityalliance.org/from-north-korean-it-workers-to-it-recruiters/
November 10, 2025 at 1:30 PM
"Malware Disguised as a Health Checkup Notice Document" published by Logpresso. #Kimsuky, #DPRK, #CTI https://logpresso.com/en/blog/2025-11-06-healthcheckup-malware
November 10, 2025 at 1:30 PM
"CISO Playbook: North Korean IT Workers" published by Sophos. #ITWorker, #DPRK, #CTI https://www.sophos.com/en-us/trust/ciso-playbooks
November 10, 2025 at 1:30 PM
"State-Sponsored Remote Wipe Tactics Targeting Android Devices" published by Genians. #AutoIt, #Konni, #DPRK, #CTI https://www.genians.co.kr/en/blog/threat_intelligence/android
November 9, 2025 at 11:30 PM
"State-Sponsored Threat Group's Remote Reset Tactics Targeting Android Devices" published by Genians. #AutoIt, #Konni, #DPRK, #CTI https://www.genians.co.kr/blog/threat_intelligence/android
November 9, 2025 at 11:30 PM