Lazarus Group phishes for hacking tools. Rockethack’s odd position in the C2C market. CISA’s holiday advice. SEC scam warning.

Attacks, Threats, and Vulnerabilities

North Korean Hackers Caught Snooping on China’s Cyber Squad (The Daily Beast) North Korean hackers are under fierce pressure to raise revenue to fund regime goals. Now they’re trying to spy on Chinese security researchers to get better hacking tools.

Void Balaur explained—a stealthy cyber mercenary group that spies on thousands (CSO Online) Unlike other groups, Void Balaur will target individuals and organizations in Russian-speaking countries and seems to have intimate knowledge of telecom systems.

APT41’s cyber attack methods are a blueprint for hacker groups- TechHQ (TechHQ) APT41’s cyberattack methods is becoming the blueprint for other hacker groups to launch attacks on the supply chain and other industries as well.

Reminder for Critical Infrastructure to Stay Vigilant Against Threats During Holidays and Weekends (CISA) As Americans prepare to hit the highways and airports this Thanksgiving holiday, CISA and the Federal Bureau of Investigation (FBI) are reminding critical infrastructure partners that malicious cyber actors aren’t making the same holiday plans as you. Recent history tells us that this could be a time when these persistent cyber actors halfway across the world are looking for ways—big and small—to disrupt the critical networks and systems belonging to organizations, businesses, and critical infrastructure. 

New ‘SharkBot’ Android Banking Malware Hitting U.S., UK and Italy Targets (SecurityWeek) A newly discovered Android banking trojan has been observed targeting international banks and five different cryptocurrency services.

Github cookie leakage – thousands of Firefox cookie files uploaded by mistake (Naked Security) Be aware before you share! That’s a good rule for developers and techies, just as much as it is for social media addicts.

Space cyber wargame exposes satellite industry risks (README) Space industry executives grappled with a simulated crisis Monday as a hacker compromised a satellite and set it on a collision course.

US SEC warns investors of ongoing govt impersonation attacks (BleepingComputer) The Securities and Exchange Commission (SEC) has warned US investors of scammers impersonating SEC…