sleet – PossibleThreat Articles

Credit to Author: Microsoft Threat Intelligence and Microsoft Security Response Center (MSRC)| Date: Fri, 30 Aug 2024 16:00:00 +0000

Microsoft identified a North Korean threat actor exploiting a zero-day vulnerability in Chromium (CVE-2024-7971) to gain remote code execution (RCE) in the Chromium renderer process. Our assessment of ongoing analysis and observed infrastructure attributes this activity to Citrine Sleet, a North Korean threat actor that commonly targets the cryptocurrency sector for financial gain.

The post North Korean threat actor Citrine Sleet exploiting Chromium zero-day appeared first on Microsoft Security Blog.

Microsoft Security

Onyx Sleet uses array of malware to gather intelligence for North Korea

July 31, 2024 0 Comments log4j, sleet

Credit to Author: Microsoft Threat Intelligence| Date: Thu, 25 Jul 2024 15:57:18 +0000

On July 25, 2024, the United States Department of Justice (DOJ) indicted an individual linked to the North Korean threat actor that Microsoft tracks as Onyx Sleet. Microsoft Threat Intelligence collaborated with the Federal Bureau of Investigation (FBI) in tracking activity associated with Onyx Sleet. We will continue to closely monitor Onyx Sleet’s activity to assess changes following the indictment.

The post Onyx Sleet uses array of malware to gather intelligence for North Korea appeared first on Microsoft Security Blog.

Microsoft Security

Moonstone Sleet emerges as new North Korean threat actor with new bag of tricks

May 31, 2024 0 Comments sleet

Credit to Author: Microsoft Threat Intelligence| Date: Tue, 28 May 2024 16:00:00 +0000

Microsoft has identified a new North Korean threat actor, now tracked as Moonstone Sleet (formerly Storm-1789), that combines many tried-and-true techniques used by other North Korean threat actors, as well as unique attack methodologies to target companies for its financial and cyberespionage objectives.

The post Moonstone Sleet emerges as new North Korean threat actor with new bag of tricks appeared first on Microsoft Security Blog.

Microsoft Security

Staying ahead of threat actors in the age of AI

February 15, 2024 0 Comments blizzard, forest blizzard (strontium), Government, mitre att&ck, non-governmental organizations (ngos), sandstorm, sleet, typhoon

Credit to Author: Microsoft Threat Intelligence| Date: Wed, 14 Feb 2024 12:00:00 +0000

Microsoft, in collaboration with OpenAI, is publishing research on emerging threats in the age of AI, focusing on identified activity associated with known threat actors Forest Blizzard, Emerald Sleet, Crimson Sandstorm, and others. The observed activity includes prompt-injections, attempted misuse of large language models (LLM), and fraud.

The post Staying ahead of threat actors in the age of AI appeared first on Microsoft Security Blog.

Microsoft Security

Multiple North Korean threat actors exploiting the TeamCity CVE-2023-42793 vulnerability

October 30, 2023 0 Comments diamond sleet (zinc), sleet, state-sponsored threat actor

Credit to Author: Microsoft Threat Intelligence| Date: Wed, 18 Oct 2023 16:30:00 +0000

Since early October 2023, Microsoft has observed North Korean nation-state threat actors Diamond Sleet and Onyx Sleet exploiting the Jet Brains TeamCity CVE-2023-42793 remote-code execution vulnerability. Given supply chain attacks carried out by these threat actors in the past, Microsoft assesses that this activity poses a particularly high risk to organizations who are affected.

The post Multiple North Korean threat actors exploiting the TeamCity CVE-2023-42793 vulnerability appeared first on Microsoft Security Blog.