Invictus :: Profiling TraderTraitor

TraderTraitor is a DPRK-nexus threat actor known for state-sponsored financial gain to fund North Korea’s nuclear weapons programs and engage in espionage. TraderTraitor primarily targets AWS environments, the cryptocurrency industry, and adjacent financial sectors through supply chain compromise, credential theft, and cloud service abuse. They are responsible for major crypto heists, including $625 million from the Read More …

GitHub Actions Supply Chain Attack

The recent GitHub Actions supply chain attack represents a multi-layered, targeted compromise that initially focused on Coinbase before escalating into a widespread incident affecting thousands of repositories. This sophisticated attack exploited critical CI/CD misconfigurations and leveraged leaked Personal Access Tokens (PATs) to gain unauthorized access, potentially leading to data breaches and code tampering. The Read More …

Tools – BEAR: Simulating Advanced Persistent Threats for Cybersecurity Education

For aspiring and new information security professionals, gaining practical insight into real-world attack methodologies is paramount. One tool that offers a unique perspective into advanced threat simulation is “BEAR,” a project found on GitHub. Unlike typical vulnerability scanners or compliance tools, BEAR is a compilation of Command and Control (C2) scripts, payloads, and stagers explicitly Read More …