North Korea (Lazarus Group): A new campaign which is believed to be tied to Lazarus Group was uncovered which was targeting Russian organizations. The campaign utilized malicious office documents to infect Russian organizations, specifically those with U.S. interests, with an updated version of the Keymarble backdoor. The researchers who discovered the campaign tied it to Lazarus group based on the use of Keymarble and “other techniques used in other Lazarus Group attacks.” This is an extremely odd turn of events considering Russia has been one of North Korea’s few supporting allies in the region. After China kicked out North Korean businesses and organizations, they also severely restricted North Korea’s access to the internet. Following this change in relations with China, Russia chose to move in and allow North Korea internet access through Russia. It is highly suspect for North Korea to have targeted Russian entities in light of their relationship. If this actually was the work of Lazarus Group, it could significantly impact the status of Russian and North Korean relations.
12 Essentials for a Successful SOC Partnership
As cyber threats continue to impact businesses of all sizes, the need for round-the-clock security