Found 5 bookmarks
Custom sorting
Stealthy Attributes of APT Lazarus: Evading Detection with Extended Attributes
Stealthy Attributes of APT Lazarus: Evading Detection with Extended Attributes
APT Lazarus has begun attempting to smuggle code using custom extended attributes. Extended attributes are metadata that can be associated with files and directories in various file systems. They allow users to store additional information about a file beyond the standard attributes like file size, timestamps, and permissions.
#group-ib#EN#2024#Extended#attributes#macos#Smuggling#APT#Lazarus
·group-ib.com·
Stealthy Attributes of APT Lazarus: Evading Detection with Extended Attributes
Not just an infostealer: Gopuram backdoor deployed through 3CX supply chain attack | Securelist
Not just an infostealer: Gopuram backdoor deployed through 3CX supply chain attack | Securelist
A DLL named guard64.dll, which was loaded into the infected 3CXDesktopApp.exe process, was used in recent deployments of a backdoor that we dubbed “Gopuram” and had been tracking internally since 2020.
#securelist#APT#Backdoor#Data-theft#Lazarus#Malware-Descriptions#Gopuram#guard64.dll#3CX
·securelist.com·
Not just an infostealer: Gopuram backdoor deployed through 3CX supply chain attack | Securelist
Not just an infostealer: Gopuram backdoor deployed through 3CX supply chain attack | Securelist
Not just an infostealer: Gopuram backdoor deployed through 3CX supply chain attack | Securelist
A DLL named guard64.dll, which was loaded into the infected 3CXDesktopApp.exe process, was used in recent deployments of a backdoor that we dubbed “Gopuram” and had been tracking internally since 2020.
#securelist#APT#Backdoor#Data-theft#Lazarus#Malware-Descriptions#Gopuram#guard64.dll#3CX
·securelist.com·
Not just an infostealer: Gopuram backdoor deployed through 3CX supply chain attack | Securelist