#lazarus — Public Fediverse posts
Live and recent posts from across the Fediverse tagged #lazarus, aggregated by home.social.
-
RemotePE: The Lazarus RAT that lives in memory
Pulse ID: 6a15279470f40ea28e34fa55
Pulse Link: https://otx.alienvault.com/pulse/6a15279470f40ea28e34fa55
Pulse Author: Tr1sa111
Created: 2026-05-26 04:54:44Be advised, this data is unverified and should be considered preliminary. Always do further verification.
#CyberSecurity #InfoSec #Lazarus #OTX #OpenThreatExchange #RAT #bot #Tr1sa111
-
RemotePE: The Lazarus RAT that lives in memory
A sophisticated memory-only toolset used by a North Korean Lazarus subgroup targeting financial and cryptocurrency organizations consists of three malware families forming a chain. DPAPILoader decrypts and loads RemotePELoader from disk using Windows Data Protection API. RemotePELoader beacons to command-and-control servers and retrieves RemotePE, a fully-fledged remote access trojan executed entirely in memory without filesystem artifacts. The toolset employs environmental keying via DPAPI, EDR evasion through HellsGate technique and ETW patching, actor-in-the-loop payload delivery, and shared hosting infrastructure on Namecheap. RemotePE features comprehensive RAT capabilities including file operations, process management, command execution, and a plugin system for dynamically loading additional payloads, while maintaining persistence through masquerading as legitimate Windows services.
Pulse ID: 6a1447f25db6bc082d5093cb
Pulse Link: https://otx.alienvault.com/pulse/6a1447f25db6bc082d5093cb
Pulse Author: AlienVault
Created: 2026-05-25 13:00:34Be advised, this data is unverified and should be considered preliminary. Always do further verification.
#CyberSecurity #EDR #Edge #InfoSec #Korea #Lazarus #Malware #Namecheap #NorthKorea #OTX #OpenThreatExchange #RAT #RemoteAccessTrojan #Trojan #Windows #bot #cryptocurrency #AlienVault
-
RemotePE: The Lazarus RAT that lives in memory
A sophisticated memory-only toolset used by a North Korean Lazarus subgroup targeting financial and cryptocurrency organizations consists of three malware families forming a chain. DPAPILoader decrypts and loads RemotePELoader from disk using Windows Data Protection API. RemotePELoader beacons to command-and-control servers and retrieves RemotePE, a fully-fledged remote access trojan executed entirely in memory without filesystem artifacts. The toolset employs environmental keying via DPAPI, EDR evasion through HellsGate technique and ETW patching, actor-in-the-loop payload delivery, and shared hosting infrastructure on Namecheap. RemotePE features comprehensive RAT capabilities including file operations, process management, command execution, and a plugin system for dynamically loading additional payloads, while maintaining persistence through masquerading as legitimate Windows services.
Pulse ID: 6a1447f25db6bc082d5093cb
Pulse Link: https://otx.alienvault.com/pulse/6a1447f25db6bc082d5093cb
Pulse Author: AlienVault
Created: 2026-05-25 13:00:34Be advised, this data is unverified and should be considered preliminary. Always do further verification.
#CyberSecurity #EDR #Edge #InfoSec #Korea #Lazarus #Malware #Namecheap #NorthKorea #OTX #OpenThreatExchange #RAT #RemoteAccessTrojan #Trojan #Windows #bot #cryptocurrency #AlienVault
-
RemotePE: The Lazarus RAT that lives in memory
A sophisticated memory-only toolset used by a North Korean Lazarus subgroup targeting financial and cryptocurrency organizations consists of three malware families forming a chain. DPAPILoader decrypts and loads RemotePELoader from disk using Windows Data Protection API. RemotePELoader beacons to command-and-control servers and retrieves RemotePE, a fully-fledged remote access trojan executed entirely in memory without filesystem artifacts. The toolset employs environmental keying via DPAPI, EDR evasion through HellsGate technique and ETW patching, actor-in-the-loop payload delivery, and shared hosting infrastructure on Namecheap. RemotePE features comprehensive RAT capabilities including file operations, process management, command execution, and a plugin system for dynamically loading additional payloads, while maintaining persistence through masquerading as legitimate Windows services.
Pulse ID: 6a1447f25db6bc082d5093cb
Pulse Link: https://otx.alienvault.com/pulse/6a1447f25db6bc082d5093cb
Pulse Author: AlienVault
Created: 2026-05-25 13:00:34Be advised, this data is unverified and should be considered preliminary. Always do further verification.
#CyberSecurity #EDR #Edge #InfoSec #Korea #Lazarus #Malware #Namecheap #NorthKorea #OTX #OpenThreatExchange #RAT #RemoteAccessTrojan #Trojan #Windows #bot #cryptocurrency #AlienVault
-
RemotePE: The Lazarus RAT that lives in memory
A sophisticated memory-only toolset used by a North Korean Lazarus subgroup targeting financial and cryptocurrency organizations consists of three malware families forming a chain. DPAPILoader decrypts and loads RemotePELoader from disk using Windows Data Protection API. RemotePELoader beacons to command-and-control servers and retrieves RemotePE, a fully-fledged remote access trojan executed entirely in memory without filesystem artifacts. The toolset employs environmental keying via DPAPI, EDR evasion through HellsGate technique and ETW patching, actor-in-the-loop payload delivery, and shared hosting infrastructure on Namecheap. RemotePE features comprehensive RAT capabilities including file operations, process management, command execution, and a plugin system for dynamically loading additional payloads, while maintaining persistence through masquerading as legitimate Windows services.
Pulse ID: 6a1447f25db6bc082d5093cb
Pulse Link: https://otx.alienvault.com/pulse/6a1447f25db6bc082d5093cb
Pulse Author: AlienVault
Created: 2026-05-25 13:00:34Be advised, this data is unverified and should be considered preliminary. Always do further verification.
#CyberSecurity #EDR #Edge #InfoSec #Korea #Lazarus #Malware #Namecheap #NorthKorea #OTX #OpenThreatExchange #RAT #RemoteAccessTrojan #Trojan #Windows #bot #cryptocurrency #AlienVault
-
RemotePE: The Lazarus RAT that lives in memory
A sophisticated memory-only toolset used by a North Korean Lazarus subgroup targeting financial and cryptocurrency organizations consists of three malware families forming a chain. DPAPILoader decrypts and loads RemotePELoader from disk using Windows Data Protection API. RemotePELoader beacons to command-and-control servers and retrieves RemotePE, a fully-fledged remote access trojan executed entirely in memory without filesystem artifacts. The toolset employs environmental keying via DPAPI, EDR evasion through HellsGate technique and ETW patching, actor-in-the-loop payload delivery, and shared hosting infrastructure on Namecheap. RemotePE features comprehensive RAT capabilities including file operations, process management, command execution, and a plugin system for dynamically loading additional payloads, while maintaining persistence through masquerading as legitimate Windows services.
Pulse ID: 6a1447f25db6bc082d5093cb
Pulse Link: https://otx.alienvault.com/pulse/6a1447f25db6bc082d5093cb
Pulse Author: AlienVault
Created: 2026-05-25 13:00:34Be advised, this data is unverified and should be considered preliminary. Always do further verification.
#CyberSecurity #EDR #Edge #InfoSec #Korea #Lazarus #Malware #Namecheap #NorthKorea #OTX #OpenThreatExchange #RAT #RemoteAccessTrojan #Trojan #Windows #bot #cryptocurrency #AlienVault
-
Faith Demands Sacrifice. Survival Demands Blood. Welcome to LAZARUS ORDER.
A collision of medieval horror, dark fantasy, plague-era paranoia, and straight-up nightmare fuel is coming this summer, and Mad Cave Studios is not playing around. LAZARUS ORDER is stepping out of the shadows like a plague doctor with...
https://comiccrusaders.com/comic-books/comic-book-previews/faith-demands-sacrifice-survival-demands-blood-welcome-to-lazarus-order/
#lazarus order #comics #comic books #mad cave studios -
Faith Demands Sacrifice. Survival Demands Blood. Welcome to LAZARUS ORDER.
A collision of medieval horror, dark fantasy, plague-era paranoia, and straight-up nightmare fuel is coming this summer, and Mad Cave Studios is not playing around. LAZARUS ORDER is stepping out of the shadows like a plague doctor with...
https://comiccrusaders.com/comic-books/comic-book-previews/faith-demands-sacrifice-survival-demands-blood-welcome-to-lazarus-order/
#lazarus order #comics #comic books #mad cave studios -
Faith Demands Sacrifice. Survival Demands Blood. Welcome to LAZARUS ORDER.
A collision of medieval horror, dark fantasy, plague-era paranoia, and straight-up nightmare fuel is coming this summer, and Mad Cave Studios is not playing around. LAZARUS ORDER is stepping out of the shadows like a plague doctor with...
https://comiccrusaders.com/comic-books/comic-book-previews/faith-demands-sacrifice-survival-demands-blood-welcome-to-lazarus-order/
#lazarus order #comics #comic books #mad cave studios -
Цена одной опечатки: Как три неверные буквы сорвали киберограбление на миллиард долларов
Взлом системы SWIFT часто кажется чем-то из области голливудской фантастики, но в 2016 году группировка Lazarus доказала обратное. В этой статье мы шаг за шагом разберем архитектуру одной из самых дерзких APT-атак в истории: на Центробанк Бангладеш. Вы узнаете, как хакеры использовали целевой фишинг для первичного проникновения, как обходили встроенную криптографию ПО Alliance Access в оперативной памяти и зачем им понадобилось модифицировать прошивку обычного матричного принтера. Это история о том, как тотальная экономия на сетевой инфраструктуре чуть не стоила суверенному государству миллиарда долларов.
https://habr.com/ru/articles/1038600/
#информационная_безопасность #lazarus #киберпреступность #swift #apt #малварь #хакеры #бангладеш #социальная_инженерия #уязвимости
-
Цена одной опечатки: Как три неверные буквы сорвали киберограбление на миллиард долларов
Взлом системы SWIFT часто кажется чем-то из области голливудской фантастики, но в 2016 году группировка Lazarus доказала обратное. В этой статье мы шаг за шагом разберем архитектуру одной из самых дерзких APT-атак в истории: на Центробанк Бангладеш. Вы узнаете, как хакеры использовали целевой фишинг для первичного проникновения, как обходили встроенную криптографию ПО Alliance Access в оперативной памяти и зачем им понадобилось модифицировать прошивку обычного матричного принтера. Это история о том, как тотальная экономия на сетевой инфраструктуре чуть не стоила суверенному государству миллиарда долларов.
https://habr.com/ru/articles/1038600/
#информационная_безопасность #lazarus #киберпреступность #swift #apt #малварь #хакеры #бангладеш #социальная_инженерия #уязвимости
-
Цена одной опечатки: Как три неверные буквы сорвали киберограбление на миллиард долларов
Взлом системы SWIFT часто кажется чем-то из области голливудской фантастики, но в 2016 году группировка Lazarus доказала обратное. В этой статье мы шаг за шагом разберем архитектуру одной из самых дерзких APT-атак в истории: на Центробанк Бангладеш. Вы узнаете, как хакеры использовали целевой фишинг для первичного проникновения, как обходили встроенную криптографию ПО Alliance Access в оперативной памяти и зачем им понадобилось модифицировать прошивку обычного матричного принтера. Это история о том, как тотальная экономия на сетевой инфраструктуре чуть не стоила суверенному государству миллиарда долларов.
https://habr.com/ru/articles/1038600/
#информационная_безопасность #lazarus #киберпреступность #swift #apt #малварь #хакеры #бангладеш #социальная_инженерия #уязвимости
-
Цена одной опечатки: Как три неверные буквы сорвали киберограбление на миллиард долларов
Взлом системы SWIFT часто кажется чем-то из области голливудской фантастики, но в 2016 году группировка Lazarus доказала обратное. В этой статье мы шаг за шагом разберем архитектуру одной из самых дерзких APT-атак в истории: на Центробанк Бангладеш. Вы узнаете, как хакеры использовали целевой фишинг для первичного проникновения, как обходили встроенную криптографию ПО Alliance Access в оперативной памяти и зачем им понадобилось модифицировать прошивку обычного матричного принтера. Это история о том, как тотальная экономия на сетевой инфраструктуре чуть не стоила суверенному государству миллиарда долларов.
https://habr.com/ru/articles/1038600/
#информационная_безопасность #lazarus #киберпреступность #swift #apt #малварь #хакеры #бангладеш #социальная_инженерия #уязвимости
-
#Lazarus won Best Original Anime at the #CrunchyrollAnimeAwards.
That's twice in a row that a #Toonami Original #anime has won this particular award. Not bad for a block that people still don't know is still running to this day.
-
#Lazarus won Best Original Anime at the #CrunchyrollAnimeAwards.
That's twice in a row that a #Toonami Original #anime has won this particular award. Not bad for a block that people still don't know is still running to this day.
-
#Arkansas arm-wrestling champ brings competition to -
https://kensbookinfo.blogspot.com/p/us-capitals.html#LittleRock3 keys for #NewYork in Game 3 of #EastHern Conference -
https://kensbookinfo.blogspot.com/p/sports.html#25#Limerick man gets 50-year driving ban for motoring -
https://kensbookinfo.blogspot.com/p/ireland.html#AgrilandMad Cave invites you to join the #LAZARUS ORDER -
https://kensbookinfo.blogspot.com/p/etc-continents.html#Caribbean#Europe faces 'bad outcome', #Russia remains independent -
https://kensbookinfo.blogspot.com/p/etc.html#RussiaView all general interest news https://kensbookinfo.blogspot.com/2026/03/latest-general-interest-news.html
-
The Gentleman Ransomware | Defense Evasion TTPs Uncovered
In April and May 2026, investigations revealed two incidents involving The Gentlemen ransomware-as-a-service operation, which has claimed over 400 victims across 70 countries since mid-2025. Both incidents demonstrated common tactics including Scheduled Tasks, PowerShell commands, and defense evasion techniques such as clearing Security, System, and Application Event Logs, disabling Microsoft Defender, and adding antivirus exclusions. A leaked internal database in early May exposed the operation's infrastructure, affiliate structure, and targeting of vulnerabilities like CVE-2024-55591. The attacks showed threat actors using RDP connections, disguised executables, SOCKS proxy connections for persistence, and domain-wide deployment via NETLOGON shares. Despite attempts to evade detection, sufficient forensic telemetry remained for analysis, revealing workstation names previously associated with Qilin ransomware and Lazarus infrastructure.
Pulse ID: 6a0f8f34dd916c38a643df30
Pulse Link: https://otx.alienvault.com/pulse/6a0f8f34dd916c38a643df30
Pulse Author: AlienVault
Created: 2026-05-21 23:03:16Be advised, this data is unverified and should be considered preliminary. Always do further verification.
#CyberSecurity #ICS #InfoSec #Lazarus #Microsoft #MicrosoftDefender #OTX #OpenThreatExchange #PowerShell #Proxy #RAT #RDP #RansomWare #RansomwareAsAService #bot #AlienVault
-
The Gentleman Ransomware | Defense Evasion TTPs Uncovered
In April and May 2026, investigations revealed two incidents involving The Gentlemen ransomware-as-a-service operation, which has claimed over 400 victims across 70 countries since mid-2025. Both incidents demonstrated common tactics including Scheduled Tasks, PowerShell commands, and defense evasion techniques such as clearing Security, System, and Application Event Logs, disabling Microsoft Defender, and adding antivirus exclusions. A leaked internal database in early May exposed the operation's infrastructure, affiliate structure, and targeting of vulnerabilities like CVE-2024-55591. The attacks showed threat actors using RDP connections, disguised executables, SOCKS proxy connections for persistence, and domain-wide deployment via NETLOGON shares. Despite attempts to evade detection, sufficient forensic telemetry remained for analysis, revealing workstation names previously associated with Qilin ransomware and Lazarus infrastructure.
Pulse ID: 6a0f8f34dd916c38a643df30
Pulse Link: https://otx.alienvault.com/pulse/6a0f8f34dd916c38a643df30
Pulse Author: AlienVault
Created: 2026-05-21 23:03:16Be advised, this data is unverified and should be considered preliminary. Always do further verification.
#CyberSecurity #ICS #InfoSec #Lazarus #Microsoft #MicrosoftDefender #OTX #OpenThreatExchange #PowerShell #Proxy #RAT #RDP #RansomWare #RansomwareAsAService #bot #AlienVault
-
The Gentleman Ransomware | Defense Evasion TTPs Uncovered
In April and May 2026, investigations revealed two incidents involving The Gentlemen ransomware-as-a-service operation, which has claimed over 400 victims across 70 countries since mid-2025. Both incidents demonstrated common tactics including Scheduled Tasks, PowerShell commands, and defense evasion techniques such as clearing Security, System, and Application Event Logs, disabling Microsoft Defender, and adding antivirus exclusions. A leaked internal database in early May exposed the operation's infrastructure, affiliate structure, and targeting of vulnerabilities like CVE-2024-55591. The attacks showed threat actors using RDP connections, disguised executables, SOCKS proxy connections for persistence, and domain-wide deployment via NETLOGON shares. Despite attempts to evade detection, sufficient forensic telemetry remained for analysis, revealing workstation names previously associated with Qilin ransomware and Lazarus infrastructure.
Pulse ID: 6a0f8f34dd916c38a643df30
Pulse Link: https://otx.alienvault.com/pulse/6a0f8f34dd916c38a643df30
Pulse Author: AlienVault
Created: 2026-05-21 23:03:16Be advised, this data is unverified and should be considered preliminary. Always do further verification.
#CyberSecurity #ICS #InfoSec #Lazarus #Microsoft #MicrosoftDefender #OTX #OpenThreatExchange #PowerShell #Proxy #RAT #RDP #RansomWare #RansomwareAsAService #bot #AlienVault
-
The Gentleman Ransomware | Defense Evasion TTPs Uncovered
In April and May 2026, investigations revealed two incidents involving The Gentlemen ransomware-as-a-service operation, which has claimed over 400 victims across 70 countries since mid-2025. Both incidents demonstrated common tactics including Scheduled Tasks, PowerShell commands, and defense evasion techniques such as clearing Security, System, and Application Event Logs, disabling Microsoft Defender, and adding antivirus exclusions. A leaked internal database in early May exposed the operation's infrastructure, affiliate structure, and targeting of vulnerabilities like CVE-2024-55591. The attacks showed threat actors using RDP connections, disguised executables, SOCKS proxy connections for persistence, and domain-wide deployment via NETLOGON shares. Despite attempts to evade detection, sufficient forensic telemetry remained for analysis, revealing workstation names previously associated with Qilin ransomware and Lazarus infrastructure.
Pulse ID: 6a0f8f34dd916c38a643df30
Pulse Link: https://otx.alienvault.com/pulse/6a0f8f34dd916c38a643df30
Pulse Author: AlienVault
Created: 2026-05-21 23:03:16Be advised, this data is unverified and should be considered preliminary. Always do further verification.
#CyberSecurity #ICS #InfoSec #Lazarus #Microsoft #MicrosoftDefender #OTX #OpenThreatExchange #PowerShell #Proxy #RAT #RDP #RansomWare #RansomwareAsAService #bot #AlienVault
-
The Gentleman Ransomware | Defense Evasion TTPs Uncovered
In April and May 2026, investigations revealed two incidents involving The Gentlemen ransomware-as-a-service operation, which has claimed over 400 victims across 70 countries since mid-2025. Both incidents demonstrated common tactics including Scheduled Tasks, PowerShell commands, and defense evasion techniques such as clearing Security, System, and Application Event Logs, disabling Microsoft Defender, and adding antivirus exclusions. A leaked internal database in early May exposed the operation's infrastructure, affiliate structure, and targeting of vulnerabilities like CVE-2024-55591. The attacks showed threat actors using RDP connections, disguised executables, SOCKS proxy connections for persistence, and domain-wide deployment via NETLOGON shares. Despite attempts to evade detection, sufficient forensic telemetry remained for analysis, revealing workstation names previously associated with Qilin ransomware and Lazarus infrastructure.
Pulse ID: 6a0f8f34dd916c38a643df30
Pulse Link: https://otx.alienvault.com/pulse/6a0f8f34dd916c38a643df30
Pulse Author: AlienVault
Created: 2026-05-21 23:03:16Be advised, this data is unverified and should be considered preliminary. Always do further verification.
#CyberSecurity #ICS #InfoSec #Lazarus #Microsoft #MicrosoftDefender #OTX #OpenThreatExchange #PowerShell #Proxy #RAT #RDP #RansomWare #RansomwareAsAService #bot #AlienVault
-
#LAZARUS #SANGMA advanced-search.headlines-world.com/advanced-sea... #KIEREN #PERKINS semantic-search.allgraph.ro/advanced-sea... Semantic BACKLINKS: The Bridge between Humans and AI. AÉPIOT ( #aePiot ): INDEPENDENT SEMANTIC WEB 4.0 INFRASTRUCTURE (EST. 2009): headlines-world.com
MultiSearch Tag Explorer -
#LAZARUS #SANGMA advanced-search.headlines-world.com/advanced-sea... #KIEREN #PERKINS semantic-search.allgraph.ro/advanced-sea... Semantic BACKLINKS: The Bridge between Humans and AI. AÉPIOT ( #aePiot ): INDEPENDENT SEMANTIC WEB 4.0 INFRASTRUCTURE (EST. 2009): headlines-world.com
MultiSearch Tag Explorer -
Wie denkt ein Jurist? #rechtsgeschichte #mittelalter #accursius #lazarus... https://youtube.com/shorts/gd0iQ0osO_4?si=WJveszO9cKnKndub via @YouTube
-
Wie denkt ein Jurist? #rechtsgeschichte #mittelalter #accursius #lazarus... https://youtube.com/shorts/gd0iQ0osO_4?si=WJveszO9cKnKndub via @YouTube
-
Wie denkt ein Jurist? #rechtsgeschichte #mittelalter #accursius #lazarus... https://youtube.com/shorts/gd0iQ0osO_4?si=WJveszO9cKnKndub via @YouTube
-
Wer darf sich ab 01.06 um ein neuen Job kümmern?
War jetzt fast 10 Jahre in Rente auf Zeit. Und nun meint die Rentenkasse, ich kann wieder mehr als 6 Stunden täglich arbeiten. Was ich aber nicht glaube.2016 hatte, ich in Zwei Foren gefragt und habe mein Traumjob gefunden. Dann kam die Erkrankung.
Was ich suche ist ein Job ohne Ausbildung und den ich im Sitzen erledigen kann.Ich arbeite Zuhause mit Lazarus unter Linux. Bin gelernter Bäcker.
Zuhause bin ich auch gerade nicht.
Wer Ideen hat auch für weiter Hachtags... -
Wer darf sich ab 01.06 um ein neuen Job kümmern?
War jetzt fast 10 Jahre in Rente auf Zeit. Und nun meint die Rentenkasse, ich kann wieder mehr als 6 Stunden täglich arbeiten. Was ich aber nicht glaube.2016 hatte, ich in Zwei Foren gefragt und habe mein Traumjob gefunden. Dann kam die Erkrankung.
Was ich suche ist ein Job ohne Ausbildung und den ich im Sitzen erledigen kann.Ich arbeite Zuhause mit Lazarus unter Linux. Bin gelernter Bäcker.
Zuhause bin ich auch gerade nicht.
Wer Ideen hat auch für weiter Hachtags... -
Wer darf sich ab 01.06 um ein neuen Job kümmern?
War jetzt fast 10 Jahre in Rente auf Zeit. Und nun meint die Rentenkasse, ich kann wieder mehr als 6 Stunden täglich arbeiten. Was ich aber nicht glaube.2016 hatte, ich in Zwei Foren gefragt und habe mein Traumjob gefunden. Dann kam die Erkrankung.
Was ich suche ist ein Job ohne Ausbildung und den ich im Sitzen erledigen kann.Ich arbeite Zuhause mit Lazarus unter Linux. Bin gelernter Bäcker.
Zuhause bin ich auch gerade nicht.
Wer Ideen hat auch für weiter Hachtags... -
Wer darf sich ab 01.06 um ein neuen Job kümmern?
War jetzt fast 10 Jahre in Rente auf Zeit. Und nun meint die Rentenkasse, ich kann wieder mehr als 6 Stunden täglich arbeiten. Was ich aber nicht glaube.2016 hatte, ich in Zwei Foren gefragt und habe mein Traumjob gefunden. Dann kam die Erkrankung.
Was ich suche ist ein Job ohne Ausbildung und den ich im Sitzen erledigen kann.Ich arbeite Zuhause mit Lazarus unter Linux. Bin gelernter Bäcker.
Zuhause bin ich auch gerade nicht.
Wer Ideen hat auch für weiter Hachtags... -
Wer darf sich ab 01.06 um ein neuen Job kümmern?
War jetzt fast 10 Jahre in Rente auf Zeit. Und nun meint die Rentenkasse, ich kann wieder mehr als 6 Stunden täglich arbeiten. Was ich aber nicht glaube.2016 hatte, ich in Zwei Foren gefragt und habe mein Traumjob gefunden. Dann kam die Erkrankung.
Was ich suche ist ein Job ohne Ausbildung und den ich im Sitzen erledigen kann.Ich arbeite Zuhause mit Lazarus unter Linux. Bin gelernter Bäcker.
Zuhause bin ich auch gerade nicht.
Wer Ideen hat auch für weiter Hachtags... -
Lazarus Group + IA = une industrialisation inquiétante des attaques ciblant les développeurs. Ce qui était artisanal devient scalable : fausses offres d'emploi, social engineering automatisé, code malveillant personnalisé. La menace ne s'améliore pas, elle se démultiplie. Rester curieux sur ces TTPs, c'est déjà une forme de défense. 🔍 #infosec #ThreatIntel #Lazarus
https://infosec.pub/post/45532833 -
Lazarus Group Targets macOS Users via ClickFlixAttack
Lazarus Group uses ClickFixto trick macOS users into fake meeting pages and executing malicious commands.
Pulse ID: 69ec9743b876273d04a7efb0
Pulse Link: https://otx.alienvault.com/pulse/69ec9743b876273d04a7efb0
Pulse Author: cryptocti
Created: 2026-04-25 10:28:19Be advised, this data is unverified and should be considered preliminary. Always do further verification.
#CyberSecurity #InfoSec #Lazarus #Mac #MacOS #OTX #OpenThreatExchange #bot #cryptocti
-
Lazarus Group Targets macOS Users via ClickFlixAttack
Lazarus Group uses ClickFixto trick macOS users into fake meeting pages and executing malicious commands.
Pulse ID: 69ec9743b876273d04a7efb0
Pulse Link: https://otx.alienvault.com/pulse/69ec9743b876273d04a7efb0
Pulse Author: cryptocti
Created: 2026-04-25 10:28:19Be advised, this data is unverified and should be considered preliminary. Always do further verification.
#CyberSecurity #InfoSec #Lazarus #Mac #MacOS #OTX #OpenThreatExchange #bot #cryptocti
-
Lazarus Group Targets macOS Users via ClickFlixAttack
Lazarus Group uses ClickFixto trick macOS users into fake meeting pages and executing malicious commands.
Pulse ID: 69ec9743b876273d04a7efb0
Pulse Link: https://otx.alienvault.com/pulse/69ec9743b876273d04a7efb0
Pulse Author: cryptocti
Created: 2026-04-25 10:28:19Be advised, this data is unverified and should be considered preliminary. Always do further verification.
#CyberSecurity #InfoSec #Lazarus #Mac #MacOS #OTX #OpenThreatExchange #bot #cryptocti
-
Lazarus Group Targets macOS Users via ClickFlixAttack
Lazarus Group uses ClickFixto trick macOS users into fake meeting pages and executing malicious commands.
Pulse ID: 69ec9743b876273d04a7efb0
Pulse Link: https://otx.alienvault.com/pulse/69ec9743b876273d04a7efb0
Pulse Author: cryptocti
Created: 2026-04-25 10:28:19Be advised, this data is unverified and should be considered preliminary. Always do further verification.
#CyberSecurity #InfoSec #Lazarus #Mac #MacOS #OTX #OpenThreatExchange #bot #cryptocti
-
Lazarus Group Targets macOS Users via ClickFlixAttack
Lazarus Group uses ClickFixto trick macOS users into fake meeting pages and executing malicious commands.
Pulse ID: 69ec9743b876273d04a7efb0
Pulse Link: https://otx.alienvault.com/pulse/69ec9743b876273d04a7efb0
Pulse Author: cryptocti
Created: 2026-04-25 10:28:19Be advised, this data is unverified and should be considered preliminary. Always do further verification.
#CyberSecurity #InfoSec #Lazarus #Mac #MacOS #OTX #OpenThreatExchange #bot #cryptocti
-
Lazarus Group Targets macOS Users via ClickFlixAttack
Lazarus Group uses ClickFixto trick macOS users into fake meeting pages and executing malicious commands.
Pulse ID: 69ec976bddee2a8bbe864445
Pulse Link: https://otx.alienvault.com/pulse/69ec976bddee2a8bbe864445
Pulse Author: cryptocti
Created: 2026-04-25 10:28:59Be advised, this data is unverified and should be considered preliminary. Always do further verification.
#CyberSecurity #InfoSec #Lazarus #Mac #MacOS #OTX #OpenThreatExchange #bot #cryptocti
-
Lazarus Group Targets macOS Users via ClickFlixAttack
Lazarus Group uses ClickFixto trick macOS users into fake meeting pages and executing malicious commands.
Pulse ID: 69ec976bddee2a8bbe864445
Pulse Link: https://otx.alienvault.com/pulse/69ec976bddee2a8bbe864445
Pulse Author: cryptocti
Created: 2026-04-25 10:28:59Be advised, this data is unverified and should be considered preliminary. Always do further verification.
#CyberSecurity #InfoSec #Lazarus #Mac #MacOS #OTX #OpenThreatExchange #bot #cryptocti
-
Lazarus Group Targets macOS Users via ClickFlixAttack
Lazarus Group uses ClickFixto trick macOS users into fake meeting pages and executing malicious commands.
Pulse ID: 69ec976bddee2a8bbe864445
Pulse Link: https://otx.alienvault.com/pulse/69ec976bddee2a8bbe864445
Pulse Author: cryptocti
Created: 2026-04-25 10:28:59Be advised, this data is unverified and should be considered preliminary. Always do further verification.
#CyberSecurity #InfoSec #Lazarus #Mac #MacOS #OTX #OpenThreatExchange #bot #cryptocti
-
Lazarus Group Targets macOS Users via ClickFlixAttack
Lazarus Group uses ClickFixto trick macOS users into fake meeting pages and executing malicious commands.
Pulse ID: 69ec976bddee2a8bbe864445
Pulse Link: https://otx.alienvault.com/pulse/69ec976bddee2a8bbe864445
Pulse Author: cryptocti
Created: 2026-04-25 10:28:59Be advised, this data is unverified and should be considered preliminary. Always do further verification.
#CyberSecurity #InfoSec #Lazarus #Mac #MacOS #OTX #OpenThreatExchange #bot #cryptocti
-
Lazarus Group Targets macOS Users via ClickFlixAttack
Lazarus Group uses ClickFixto trick macOS users into fake meeting pages and executing malicious commands.
Pulse ID: 69ec976bddee2a8bbe864445
Pulse Link: https://otx.alienvault.com/pulse/69ec976bddee2a8bbe864445
Pulse Author: cryptocti
Created: 2026-04-25 10:28:59Be advised, this data is unverified and should be considered preliminary. Always do further verification.
#CyberSecurity #InfoSec #Lazarus #Mac #MacOS #OTX #OpenThreatExchange #bot #cryptocti
-
📢 Vol de 290 M$ sur Kelp : TraderTraitor (Lazarus) exploite une faille de configuration LayerZero
📝 ## 🗓️ ContexteSource : The Record Media, publié le 20 avril 2026.
📖 cyberveille : https://cyberveille.ch/posts/2026-04-23-vol-de-290-m-sur-kelp-tradertraitor-lazarus-exploite-une-faille-de-configuration-layerzero/
🌐 source : https://therecord.media/crypto-north-korea-theft-kelp
#LayerZero #Lazarus #Cyberveille -
Mach-O Man Malware: What CISOs Need to Know
Lazarus Group is conducting an active campaign targeting businesses through ClickFix attacks, distributing a newly identified macOS malware kit called "Mach-O Man". The attack begins with fake meeting invitations via Telegram, redirecting victims to fraudulent collaboration platforms impersonating Zoom, Microsoft Teams, or Google Meet. Victims are tricked into executing terminal commands that install the malware. The kit consists of Go-based Mach-O binaries including a stager, profiler, persistence mechanism, and stealer. The malware collects credentials, browser data, and macOS Keychain entries, exfiltrating data through Telegram. Primary targets include fintech, crypto, and high-value environments where macOS is prevalent. The campaign leverages social engineering and native macOS binaries to evade traditional EDR detection, ultimately enabling account takeover, unauthorized infrastructure access, and financial loss.
Pulse ID: 69e82714e5cf2d1fb9fe1b0a
Pulse Link: https://otx.alienvault.com/pulse/69e82714e5cf2d1fb9fe1b0a
Pulse Author: AlienVault
Created: 2026-04-22 01:40:36Be advised, this data is unverified and should be considered preliminary. Always do further verification.
#Browser #CyberSecurity #EDR #Google #GoogleMeet #InfoSec #Lazarus #Mac #MacOS #Malware #Microsoft #MicrosoftTeams #OTX #OpenThreatExchange #RAT #SocialEngineering #Telegram #Zoom #bot #AlienVault
-
Mach-O Man Malware: What CISOs Need to Know
Lazarus Group is conducting an active campaign targeting businesses through ClickFix attacks, distributing a newly identified macOS malware kit called "Mach-O Man". The attack begins with fake meeting invitations via Telegram, redirecting victims to fraudulent collaboration platforms impersonating Zoom, Microsoft Teams, or Google Meet. Victims are tricked into executing terminal commands that install the malware. The kit consists of Go-based Mach-O binaries including a stager, profiler, persistence mechanism, and stealer. The malware collects credentials, browser data, and macOS Keychain entries, exfiltrating data through Telegram. Primary targets include fintech, crypto, and high-value environments where macOS is prevalent. The campaign leverages social engineering and native macOS binaries to evade traditional EDR detection, ultimately enabling account takeover, unauthorized infrastructure access, and financial loss.
Pulse ID: 69e82714e5cf2d1fb9fe1b0a
Pulse Link: https://otx.alienvault.com/pulse/69e82714e5cf2d1fb9fe1b0a
Pulse Author: AlienVault
Created: 2026-04-22 01:40:36Be advised, this data is unverified and should be considered preliminary. Always do further verification.
#Browser #CyberSecurity #EDR #Google #GoogleMeet #InfoSec #Lazarus #Mac #MacOS #Malware #Microsoft #MicrosoftTeams #OTX #OpenThreatExchange #RAT #SocialEngineering #Telegram #Zoom #bot #AlienVault