North Korea’s Lazarus Group has been attacking energy providers in the US, Canada, and Japan since February, according to Cisco Talos. The group used malware to access and steal data from enterprise networks, targeting critical infrastructure for espionage purposes. Using custom-made malware, including a previously unknown remote access trojan, Lazarus seeks long-term access into networks to support North Korean government objectives.
New T1555.003 Technique Let Attackers Steal Passwords From Web Browsers
The T1555.003 technique, highlighted in the MITRE ATT&CK framework, allows attackers to extract saved usernames and passwords from web browsers, leading to unauthorized access and
