Tue Sep 17 2024

The North Korean Lazarus group is running multiple high-risk campaigns: one exploiting Windows and another installing malware through fraudulent blockchain job offers. State of Cybercrime hosts Matt Radolec and David Gibson discuss the various APT groups, including a prolific ransomware-as-a-service operation and a Chinese cyber espionage gang known as Volt Typhoon, and other vulnerable vulnerabilities in this episode, including: + Lazarus FudModule rootkit attacks and the concurrent Eager Crypto Beavers campaign + RansomHub attacks on Halliburton, Change Healthcare, and hundreds more + Large-scale extortion of AWS environments through exposed ENV files + Hundreds of exposed servers from Volt Typhoon’s ISP targeting + Payment gateway breach of over 1.7 million credit card owners