Kevin Beaumont on Nostr: Good find by Elastic - North Korean based threat actors using an unfixed bug in ...
Good find by Elastic - North Korean based threat actors using an unfixed bug in Windows to execute code, undetected across all vendors until that point (and as of writing only Elastic detect still)
They’ve named it GrimResource
https://www.elastic.co/security-labs/grimresource #threatintel
Published at 2024-06-21 23:59:27
Event JSON
{
"id": "1d727e9bc4abc64b6466c661601e580fcf2ede6fb130e305948436c698742746",
"pubkey": "f6870afcde4480ec8508f50304859e14a51309ff24ab3f0f862c52bdc4af8747",
"created_at": 1719014367,
"kind": 1,
"tags": [
[
"t",
"threatintel"
],
[
"proxy",
"https://cyberplace.social/users/GossiTheDog/statuses/112657325584186783",
"activitypub"
]
],
"content": "Good find by Elastic - North Korean based threat actors using an unfixed bug in Windows to execute code, undetected across all vendors until that point (and as of writing only Elastic detect still) \n\nThey’ve named it GrimResource https://www.elastic.co/security-labs/grimresource \n\n#threatintel\n\nhttps://cyberplace.social/system/media_attachments/files/112/657/325/354/409/173/original/8be1d000eeccd8c4.jpeg",
"sig": "e32c80879c67cbea07e84a23c3510146175fd9a5f64764ea1f1481b1d5f7c5961f3ff1f97b1840bf6a67dce33197a969c8d5afd451c4250041f5b59f8ae0e082"
}