#labyrinthchollima

lazarusholic: "2025 Global Threat Report" published by CrowdStrike. #FamousChollima, #LabyrinthChollima, #Trend, #DPRK, #CTI https://www.crowdstrike.com/en-us/global-threat-report/
lazarusholic: "Labyrinth Chollima APT Adversary Simulation" published by S3N4T0R. #LabyrinthChollima, #DPRK, #CTI https://medium.com/@S3N4T0R/labyrinth-chollima-apt-adversary-simulation-b4f6a79bb68f
lazarusholic: "Exploring CISA’s 2023 Top Routinely Exploited Vulnerabilities" published by Vulncheck. #LabyrinthChollima, #SilentChollima, #Trend, #VelvetChollima, #DPRK, #CTI https://vulncheck.com/blog/cisa-top-exploited-2024
lazarusholic: "Labyrinth Chollima Using Poisoned Python Packages to Deliver PondRAT" published by PolySwarm. #LabyrinthChollima, #PondRAT, #POOLRAT, #PyPI, #DPRK, #CTI https://blog.polyswarm.io/labyrinth-chollima-using-poisoned-python-packages-to-deliver-pondrat
lazarusholic: "North Korea’s Post-Infection Python Payloads" published by Norfolk. #LabyrinthChollima, #NPM, #CTI, #OSINT, #LAZARUS https://norfolkinfosec.com/north-koreas-post-infection-python-payloads/
lazarusholic: "FortiGuard Labs Outbreak Alerts Annual Report 2023: A Glimpse into the Evolving Threat Landscape" published by Fortinet. #Trend, #LabyrinthChollima, #Andariel, #DiamondSleet, #CTI, #OSINT, #LAZARUS https://www.fortinet.com/blog/threat-research/fortiguard-labs-outbreak-alerts-report-2023
Mr.Trunk: SecurityAffairs: North Korea-linked APT Labyrinth Chollima behind PyPI supply chain attacks https://securityaffairs.com/150197/apt/labyrinth-chollima-pypi-supply-chain-attacks.html #ITInformationSecurity #LabyrinthChollima #PierluigiPaganini #SecurityAffairs #BreakingNews #Intelligence #hackingnews #NorthKorea #Hacking #Malware #malware #APT
lazarusholic: "VMConnect supply chain attack continues, evidence points to North Korea" published by ReversingLabs. #LabyrinthChollima, #VMConnect, #CTI, #OSINT, #LAZARUS https://www.reversinglabs.com/blog/vmconnect-supply-chain-campaign-continues
Sean Whalen 👨🏼‍🦼🏳️‍🌈🇺🇦🕊️: CrowdStrike (https://www.crowdstrike.com/blog/crowdstrike-detects-and-prevents-active-intrusion-campaign-targeting-3cxdesktopapp-customers/) and SentinelOne (https://www.sentinelone.com/blog/smoothoperator-ongoing-campaign-trojanizes-3cx-software-in-software-supply-chain-attack/) are reporting that a version of the 3CX softphone app has been bundled with malware in a supply chain attack, similar to what happened with Solarwinds. CrowdStrike intelligence has attributed this activity to a North Korean APT group they track as LABYRINTH CHOLLIMA (https://www.crowdstrike.com/adversaries/labyrinth-chollima/). The response from 3CX (https://www.3cx.com/community/threads/threat-alerts-from-sentinelone-for-desktop-update-initiated-from-desktop-client.119806/#post-558539) is arrogant as hell!
#InfoSec #3CX #SupplyChainAttack #CrowdStrike #SentinelOne #NorthKorea #DPRK #APT #LABYRINTHCHOLLIMA