The APT known as Lazarus conducted spear phishing attacks with weaponized documents masquerading as Lockheed Martin. These weaponized documents perform a series of injections to achieve startup persistence on the victims system. As part of this killchain the Windows Update service is abused for payload execution and Github is utilzed as a C2 to deliver remote commands.
Malwarebytes researches have shared a full synopsis here:
MITRE ATT&CK Lazarus profile:
https://attack.mitre.org/groups/G0032/
Apple’s new Memory Integrity Enforcement system deals a huge blow to spyware developers Article Link: https://cyberscoop.com/apple-memory-integrity-enforcement-iphone-ios-anti-spyware/ New cybersecurity rules land for Defense Department contractors Article
FTC Announces Settlement with Toy Robot Makers That Tracked Location of Children Article Link: https://cyberscoop.com/ftc-settlement-apitor-childrens-privacy-violation/ Cloudflare Confirms Salesforce Data Compromised via SalesLoft Chatbot Article Link:
