GossiTheDog, 14 days ago to Random, English
Good find by Elastic - possibly North Korean-based threat actors using an unfixed bug in Windows to execute code, undetected across all vendors until that point (and as of writing only Elastic still detects it).
They’ve named it GrimResource https://www.elastic.co/security-labs/grimresource
#threatintel
GossiTheDog OP, 11 days ago, English
Still essentially zero detection for GrimResource. PoC that spawns calc: https://gist.github.com/joe-desimone/2b0bbee382c9bdfcac53f2349a379fa4
#threatintel