Lazarus Group RemotePE long-term observation campaign against financial and cryptocurrency organizations

RemotePE memory-only RAT activity by Lazarus Group targeting financial and cryptocurrency organizations

How related: Cybersecurity researchers have shed light on a cross-platform malware called RemotePE that has been put to use by the North Korea-linked Lazarus Group in attacks targeting financial and cryptocurrency organizations.

About this happening: The **RemotePE** malware has been tied to **Lazarus Group** activity against **financial and cryptocurrency organizations**, raising the risk of stealthy long-term access and late...

Handala multi-stage malware with Telegram C2 and exfiltration

About this happening: The **Handala** malware package uses a **multi-stage payload** to give operators **remote access** to infected **Windows** devices, increasing the risk of stealthy data theft. The...

Lazarus-associated Medusa extortion campaign targeting U.S. healthcare organizations

About this happening: A **Lazarus**-associated **Medusa ransomware** campaign is targeting **U.S. healthcare organizations**, raising the risk of **extortion**, **data encryption**, and operational dis...

BlueNoroff spear-phishing campaign uses typosquatted Zoom, Teams, and Calendly lures against crypto firms

About this happening: **BlueNoroff**, a **North Korea-linked Lazarus Group** subgroup, ran a **large-scale spear-phishing campaign** against **100+ cryptocurrency organizations** in **20+ countries** b...

Labyrinth Chollima split into three North Korean hacking groups

About this happening: **Labyrinth Chollima** has been split into **three tracked North Korean groups**, reshaping how defenders map a major DPRK cyber ecosystem and its target set. **Golden Chollima**...