In this episode of The Cybersecurity Defenders Podcast, we discuss some cutting-edge intel coming out of LimaCharlie's community Slack channel. The White House recently hosted the International Counter Ransomware Initiative (CRI) summit, bringing together representatives from 68 countries to address the growing global threat of ransomware. The rise of "Shadow AI," which refers to the unauthorized use of AI tools by employees without the oversight of IT departments, poses significant risks for organizations. A new wave of attacks leveraging the More_Eggs backdoor malware has been specifically targeting recruiters. TA4557, a financially motivated group linked to North Korea, has been distributing this backdoor since late 2023. The Andariel hacking group, a subgroup of North Korea's Lazarus Group, has turned its attention to financially motivated attacks against U.S. organizations. Forescout Vedere Labs has uncovered 14 vulnerabilities affecting over 700,000 DrayTek routers, with two critical flaws posing significant security risks.
Video Episode: https://youtu.be/lEaBTx6FvCI

In today’s episode, we dive into the alarming rise of Linux malware “perfctl,” which has stealthily targeted millions of servers for cryptomining over the past three years. We discuss the critical CVE-2024-29824 vulnerability in Ivanti Endpoint Manager, an SQL injection flaw that is being actively exploited, and the ongoing threats posed by the North Korean APT group Stonefly, known for their intricate cybercrime tactics. Additionally, we explore the disturbing trend of cybercriminals leveraging compromised cloud credentials to operate sexualized AI chat bots, highlighting the urgent need for improved security practices.

Sources:
1. https://www.bleepingcomputer.com/news/security/linux-malware-perfctl-behind-years-long-cryptomining-campaign/
2. https://www.helpnetsecurity.com/2024/10/03/cve-2024-29824/
3. https://www.helpnetsecurity.com/2024/10/03/private-us-companies-targeted-by-stonefly-apt/
4. https://krebsonsecurity.com/2024/10/a-single-cloud-compromise-can-feed-an-army-of-ai-sex-bots/

Timestamps
00:00 – Introduction
01:06 – AI powered s3x bots
03:13 – Ivanti SQL Injection
04:08 – Perfctl Linux Malware
05:33 – APT45 StoneFly Attacks US companies

1. What are today’s top cybersecurity news stories?
2. What is the Linux malware “perfctl” and how does it work?
3. How is the Ivanti Endpoint Manager flaw (CVE-2024-29824) being exploited?
4. What activities are linked to the Stonefly APT group targeting US companies?
5. How are stolen cloud credentials being used for AI-powered sex chat services?
6. What vulnerabilities does CVE-2024-29824 address and why is it critical?
7. What measures can organizations take to detect the “perfctl” malware?
8. What are the implications of the Stonefly APT’s recent attacks on private companies?
9. How did researchers demonstrate the abuse of AWS Bedrock for illegal activities?
10. What security best practices can prevent cloud credential theft and misuse?

perfctl, Linux, Monero, vulnerabilities, Ivanti, SQL injection, cybersecurity, remediation, Stonefly, cyberattacks, Preft, malware, cloud credentials, AI-powered, child sexual exploitation, cybercriminals

# Intro

In a shocking revelation, a stealthy Linux malware named “perfctl” has been exploiting server vulnerabilities for over three years, using advanced evasion techniques to secretly mine Monero cryptocurrency on countless systems worldwide. This elusive threat not only disrupts normal operations by maxing out CPU usage but also deftly vanishes when users log in, making detection extremely difficult for many administrators. How do adversaries exploit vulnerabilities to gain initial access to systems with the perfctl malware?

Hackers are actively exploiting a critical SQL injection flaw in Ivanti Endpoint Manager, prompting US federal agencies to rush to remediate the threat by October 23, 2024. Despite Ivanti’s urgent patches, details of the attacks remain sparse, spotlighting the pressing need for effective cybersecurity measures. Why does this particular vulnerability pose such a significant risk compared to others?

North Korean APT group Stonefly, undeterred by legal indictments, is intensifying its financially motivated cyberattacks on US companies, leveraging a unique arsenal of malware and tools. Despite failed ransomware attempts, their distinctive Preft backdoor confirms their tenacity in pursuing targets with no direct intelligence value. Why has Stonefly shifted their focus from espionage to financially driven cybercrime in recent years?

A staggering rise in stolen cloud credentials is fueling an underground market of AI-powered sex chat services, with cybercriminals bypassing content filters for disturbing role-plays involving child sexual exploitation. As security researchers lay bare the chilling implications of compromised AI infrastructure, the industry scrambles for solutions to thwart this escalating threat.
**Question:** How are cybercriminals leveraging stolen cloud credentials to evade content restrictions on AI, and what are the financial and ethical implications for the victims?

# Stories

In this episode, we discuss a recent discovery by Aqua Nautilus researchers of the Linux malware “perfctl,” which has been running a covert cryptomining campaign for over three years. This malware has targeted potentially millions of Linux servers, using advanced evasion techniques and rootkits to remain largely undetected. Perfctl primarily uses compromised servers to mine the Monero cryptocurrency, exploiting misconfigurations and vulnerabilities, such as CVE-2023-33246 in Apache RocketMQ and CVE-2021-4034 in Polkit, for initial access. It operates stealthily, disguising processes and using TOR for encrypted communications. The malware also deploys proxy-jacking software for additional revenue streams. System administrators often notice infections due to 100% CPU usage, though perfctl halts its activities as soon as the user logs in. Due to its evasive and persistent nature, typical removal methods are ineffective, with a full system wipe and reinstall recommended to ensure complete removal. Aqua Nautilus suggests monitoring system directories, CPU usage, and network traffic, alongside patching known vulnerabilities, to detect and prevent perfctl infections.

Here's a list of ten important terms and nouns from the article, each followed by a brief definition particularly related to cybersecurity:

1. **Linux**: An open-source operating system known for its robust security features and wide use in servers and workstations. In cybersecurity, it’s crucial as many servers run on Linux, making them targets for attacks like the mentioned malware.
2. **Malware**: Malicious software designed to infiltrate, damage, or disable computers and networks. It is important because it can be weaponized for financial gain, as in cryptomining without consent.
3. **Cryptomining**: The process of validating cryptocurrency transactions and adding them to the blockchain ledger; in this context, the unauthorized use of others’ computer resources to generate cryptocurrency like Monero.
4. **Rootkit**: A set of software tools that enable unauthorized users to gain control of a system without being detected. Rootkits are important in malware because they allow it to remain hidden and maintain persistent access.
5. **CVE (Common Vulnerabilities and Exposures)**: A list of publicly disclosed cybersecurity vulnerabilities. CVEs are critical for understanding and mitigating known vulnerabilities that attackers might exploit, as seen with CVE-2023-33246 and CVE-2021-4034.
6. **Monero**: A cryptocurrency known for its privacy features, making transactions challenging to trace. Important in cyber threats like cryptomining, as attackers use infected systems to mine Monero for profit.
7. **TOR**: Short for The Onion Router, a decentralized network to anonymize internet traffic through encryption and relay techniques. It is crucial for maintaining anonymity in cyber operations, as noted in the malware’s communication method.
8. **Userland rootkits**: Types of rootkits that operate in the user space and manipulate user-level applications to evade detection, demonstrating advanced techniques for obscuring malicious activities and maintaining control.
9. **Apache RocketMQ**: An open-source messaging server often used in enterprise environments. Its mention highlights how vulnerabilities in widely used software, such as CVE-2023-33246, can be critical entry points for attacks.
10. **Indicators of Compromise (IoC)**: Forensic evidence of potential intrusion or malware activity within a network or system. Recognizing IoCs is essential for detecting and responding to security breaches like those associated with perfctl.
This list encompasses important cybersecurity concepts relevant to understanding and contextualizing threats, detection, and protection mechanisms discussed in the article.

—

On today’s podcast, we’re discussing a critical security flaw in Ivanti Endpoint Manager, known as CVE-2024-29824. This unauthenticated SQL Injection vulnerability is actively being exploited, prompting the Cybersecurity and Infrastructure Security Agency to add it to their Known Exploited Vulnerabilities catalog. Ivanti has acknowledged that a limited number of their customers have been impacted. This flaw, part of a group of ten similar vulnerabilities, affects versions prior to Ivanti EPM 2022 SU5 and could allow attackers to execute code in the context of the service account. Researchers have published detailed technical information and proof-of-concept exploits for this vulnerability. To address the issue, Ivanti released a patch involving the replacement of critical DLL files and a server restart. US federal agencies are mandated to remediate this vulnerability by October 23, 2024. Ivanti has urged all users to ensure their systems are up to date with the latest patch. Stay informed and make sure your systems are protected.

Here’s a list of the top 10 most important nouns and technical terms from the article, along with their definitions and relevance to cybersecurity:

1. **CVE-2024-29824**
   *Definition:* A Common Vulnerabilities and Exposures (CVE) identifier assigned to an unauthenticated SQL Injection vulnerability found in Ivanti Endpoint Manager (EPM) appliances.
   *Importance:* This vulnerability is critical because it allows attackers to execute arbitrary code, potentially leading to unauthorized access or data manipulation in affected systems.
2. **Ivanti Endpoint Manager (EPM)**
   *Definition:* A management tool used to automate and control IT systems, providing capabilities such as hardware and software management, asset discovery, and endpoint security.
   *Importance:* EPM’s widespread deployment in various organizations makes security flaws within it particularly concerning, as they can affect numerous systems.
3. **SQL Injection**
   *Definition:* A type of security vulnerability that allows an attacker to interfere with the queries an application makes to its database by injecting malicious SQL code.
   *Importance:* SQL injection vulnerabilities can lead to data breaches, unauthorized data access, and full system compromise, making them a high priority in security.
4. **Cybersecurity and Infrastructure Security Agency (CISA)**
   *Definition:* A U.S. federal agency responsible for enhancing the security, resilience, and reliability of the nation’s cybersecurity infrastructure.
   *Importance:* CISA’s involvement indicates the severity of a vulnerability, guiding organizations on critical security measures to implement.
5. **Security Advisory**
   *Definition:* An official notification providing details about a vulnerability, including its impact, affected systems, and measures for remediation.
   *Importance:* Security advisories are crucial for informing organizations and the public about vulnerabilities and recommended actions to mitigate security risks.
6. **Zero Day Initiative (ZDI)**
   *Definition:* A program that focuses on finding and reporting zero-day vulnerabilities to affected vendors for remediation before they can be exploited by attackers.
   *Importance:* ZDI’s work helps in identifying and patching vulnerabilities before they are widely exploited, enhancing overall cybersecurity posture.
7. **Proof of Concept (PoC)**
   *Definition:* A demonstration that shows how a vulnerability can be exploited to achieve harmful results, often used to prove the existence and impact of a security flaw.
   *Importance:* PoCs help in understanding the practical implications of vulnerabilities and in developing appropriate fixes or mitigation strategies.
8. **KEV Catalog**
   *Definition:* The Known Exploited Vulnerabilities (KEV) catalog is a list maintained by CISA of vulnerabilities that have been actively exploited in the wild.
   *Importance:* Inclusion in the KEV catalog underscores the critical nature of a vulnerability, signaling to organizations the urgency in applying patches.
9. **DLL Files**
   *Definition:* Dynamic-link library (DLL) files are collections of small programs used by larger programs to perform specific tasks, often shared among different applications.
   *Importance:* Replacing vulnerable DLL files is a method of patching software to fix security vulnerabilities like those described in the article.
10. **IISRESET**
    *Definition:* A command-line utility used to restart Internet Information Services (IIS), the web server software used by Windows servers.
    *Importance:* Restarting services using IISRESET ensures that any patched or updated files are loaded into memory, completing the remediation process for vulnerabilities.

—

In this episode, we delve into Stonefly APT, a North Korean cyber-threat group, also known as APT45. Despite previous indictments, Stonefly continues to target US companies. Linked to North Korea’s military intelligence, the group uses a mix of modified and custom malware for espionage and financially motivated attacks, having been active since 2009. Recent attacks in August 2024 against US companies, using tools like Preft and Nukebot, highlight their ongoing efforts, likely for financial gain. Experts suggest these actions may fund other state priorities, underscoring the persistent cyber threat posed by Stonefly.

1. **Stonefly (APT45):** A North Korean Advanced Persistent Threat (APT) group also known as Andariel and OnyxFleet, linked to military intelligence. It is significant due to its involvement in cyber espionage and financially motivated cybercrime targeting US companies.
2. **Reconnaissance General Bureau (RGB):** North Korean military intelligence agency associated with directing cyber operations. Important for understanding the state-backed nature of certain threat groups like Stonefly.
3. **APT (Advanced Persistent Threat):** A prolonged and targeted cyberattack where an unauthorized user gains access to a network and remains undetected for an extended period. Key in cybersecurity since it highlights the sophisticated nature of cyber threats.
4. **3PROXY:** A publicly available proxy server software used for network connections. Important as a tool often abused in cyberattacks for masking and redirecting traffic.
5. **Malware:** Malicious software designed to disrupt, damage, or gain unauthorized access to computer systems. Critical in cybersecurity as it encompasses various attack methods utilized by threat actors.
6. **Preft (backdoor):** A custom persistent backdoor linked specifically to Stonefly, allowing unauthorized access into a computer system. Its recognition aids in the identification and attribution of attacks to specific groups.
7. **Ransomware:** A type of malware that encrypts the victim’s files and demands a ransom for the decryption key. Vital due to its financial impact and prevalence in cybercrime.
8. **Keyloggers:** Software or devices designed to record keystrokes on a computer, often covertly. Their detection is crucial as they are commonly used for information theft.
9. **Mimikatz:** A publicly available security tool often misused to extract password data from Windows systems. Its relevance in cybersecurity lies in its frequent misuse for credential theft.
10. **Indicators of Compromise (IoCs):** Artifacts or forensic data that indicate potential intrusion or malicious activity in a network. Essential for threat detection and response in cybersecurity.
—

In a recent report, cybersecurity experts from Permiso Security have uncovered a troubling trend where cybercriminals exploit stolen cloud credentials to operate AI-powered sex bots. These bots, which are bypassing content filters through custom jailbreaks, often delve into dangerous and illegal role-playing scenarios involving child sexual exploitation and rape. The attacks primarily target large language models (LLMs) hosted on platforms like Amazon's Bedrock. Permiso's investigation revealed that attackers quickly commandeer exposed credentials to fuel AI chat services, racking up unauthorized usage costs for cloud account owners. Platforms like “Chub[.]ai” are suspected of leveraging this method to offer chats with AI characters engaging in controversial and explicit scenarios. Chub claims to bypass content restrictions for a small monthly fee, fueling a broader uncensored AI economy. AWS has responded by tightening security measures, but concerns persist around the potential misuse of AI technologies. The situation highlights the necessity for organizations to protect access keys and to consider enabling logging features to detect unusual activities, despite the additional costs involved. Anthropic, a provider of LLMs to Bedrock, continues to enhance safeguards against such abuses.

1. **Cloud Credentials**
   **Definition:** Authentication information required to access cloud computing services.
   **Importance:** Stolen cloud credentials allow cybercriminals unauthorized access to a victim’s cloud resources, which can be exploited for malicious activities such as operating unauthorized services or reselling access clandestinely.
2. **Generative Artificial Intelligence (AI)**
   **Definition:** AI systems capable of generating text, images, or other media in response to prompts by leveraging large datasets and complex algorithms.
   **Importance:** These systems can be misused to create harmful or illegal content, as evidenced by their exploitation in unauthorized sex chat services, highlighting the need for robust ethical and security safeguards.
3. **Large Language Models (LLMs)**
   **Definition:** Advanced AI systems that process and generate human-like text by analyzing vast amounts of language data.
   **Importance:** LLMs can be manipulated by bad actors to bypass restrictions and produce inappropriate or illegal content, underscoring the risks of inadequate security measures.
4. **Jailbreak (in AI context)**
   **Definition:** Techniques used to bypass or disable restrictions set within AI systems, allowing them to produce content or perform actions usually forbidden.
   **Importance:** Jailbreaking enables cybercriminals to exploit AI platforms for illicit purposes, making the development of resilient models a key priority for AI security.
5. **Amazon Web Services (AWS) Bedrock**
   **Definition:** A cloud-based platform by AWS that provides foundational tools and services for building and deploying generative AI models.
   **Importance:** Its compromise can lead to significant unauthorized usage and financial liabilities for the account holder, as demonstrated by the unauthorized use in illicit AI chat services.
6. **Prompt Logging**
   **Definition:** The process of recording and monitoring the prompts given to AI models and the responses they generate.
   **Importance:** Enables transparency and security oversight, allowing organizations to detect and mitigate misuse of AI resources effectively.
7. **Chub AI**
   **Definition:** A platform offering AI chat bot characters, including those with explicit and controversial themes.
   **Importance:** Exemplifies the challenge of regulating AI-powered services to prevent the exploitation and dissemination of harmful content.
8. **NSFL (Not Safe for Life)**
   **Definition:** A categorization used to describe content that is extraordinarily disturbing or offensive.
   **Importance:** Highlights the potential for AI-driven services to generate deeply objectionable material, raising ethical and legal concerns.
9. **GuardDuty**
   **Definition:** An AWS security service that provides monitoring and threat detection for identifying malicious activity and unauthorized behavior.
   **Importance:** Essential for maintaining cloud security posture and preemptively identifying potential threats, particularly in preventing unwanted exploitation of cloud resources.
10. **Anthropic**
    **Definition:** An AI safety and research organization focused on developing models with built-in ethical constraints.
    **Importance:** Plays a critical role in enhancing AI safety to prevent misuse, working towards models resistant to manipulation and fostering industry-wide best practices for secure AI deployment.

—
[Episode References]
- Stonefly: Extortion Attacks Continue Against U.S. Targets - https://symantec-enterprise-blogs.security.com/threat-intelligence/stonefly-north-korea-extortion
- Thousands of Adobe Commerce stores hacked in competing CosmicSting campaigns - https://sansec.io/research/cosmicsting-fallout
- Breaking into DrayTek routers before threat actors do it again - https://www.forescout.com/resources/draybreak-draytek-research/
- Separating the bee from the panda: CeranaKeeper making a beeline for Thailand - https://www.welivesecurity.com/en/eset-research/separating-bee-panda-ceranakeeper-making-beeline-thailand/

Script and presentation: Carlos Cabral and Bianca Oliveira
Audio editing: Paulo Arruzzo
Closing narration: Bianca Garcia
Tenth episode, that went fast! But instead of popping the corks for the mini-anniversary, Christopher and Sylvester take their listeners on a trip to Asia, more precisely to North Korea. There, under the leadership of the military intelligence service, thousands of cyber soldiers work for the Kim regime. They spy, infiltrate, sabotage, and loot hundreds of millions of dollars for the North Korean weapons program. Who the groups with names like Andariel, Lazarus or BlueNorOff are, and what they have to do with a mediocre film satire, you will find out in the podcast.

* The WannaCry killswitch domain looks like someone slipped on the keyboard: iuqerfsodp9ifjaposdfjhgosurijfaewrwergwea.com
* Knowbe4 infiltrated by a North Korean fake employee: https://www.heise.de/news/l-f-IT-Sicherheitsunternehmen-stellt-unbeabsichtigt-Cyberkriminellen-ein-9814563.html
* Advisory from international security agencies on at-risk sectors: https://www.ic3.gov/Media/News/2024/240725.pdf
A short podcast updating listeners on the security news of the last few days, as prepared by Catalin Cimpanu and read by Claire Aird. You can find the newsletter version of this podcast here. Show notes Risky Biz News: New DNS attack impacts a quarter of all open DNS resolvers
A North Korean hacking group, newly designated as APT45 by the FBI and Mandiant, has broadened its ransomware operations to target healthcare providers, financial institutions, and energy companies. Previously known as Andariel or UNC614, the group has been active since at least 2009 and supports the interests of the North Korean government. Mandiant, a subsidiary of Google Cloud, emphasizes the group's rising sophistication and expanding target range, which now includes advanced technologies and critical infrastructure. The FBI is expected to release an advisory following Mandiant's report, detailing the group's tactics and historical focus on intelligence gathering from defense and research sectors.

Additionally, the U.S. Agency for International Development (USAID) reports over 1,300 electronic devices, including iPhones, iPads, and computers, missing over the past three years. With two-thirds of its workforce based overseas, device security remains a critical challenge for the agency, reflecting a broader issue of mobile device management across federal agencies. Despite the losses, USAID remains committed to responsible stewardship of taxpayer dollars and rigorous digital asset security, particularly in challenging global environments.

The Daily Scoop Podcast is available every Monday-Friday afternoon. If you want to hear more of the latest from Washington, subscribe to The Daily Scoop Podcast on Apple Podcasts, Soundcloud, Spotify and YouTube.
Somalia is struggling with the aftermath of its worst floods for many decades, which have affected more than two million people. Some were already displaced, having lost their livelihoods in the acute drought which preceded the flooding. It's a big story for BBC Somali, and journalist Fardowsa Hanshi tells us how they've been covering it.

Being a tourist in Afghanistan
Since the Taliban returned to power in 2021, Afghanistan has seen a reduction in violence. This has opened up the country to both local and foreign tourists. Shoaib Sharifi of BBC Media Action recently took a trip around his native country, and saw it in a way that he never had before. He shares some memorable moments from his journey.

North Korean hack
It's recently emerged that the notorious North Korean hacking group Andariel has stolen vast amounts of data from South Korea. Around 1.2 terabytes of information was taken from industries including pharmaceutical companies and defence firms as well as universities. Rachel Lee of BBC Korean tells us more about the hacking and how it was discovered.

A lifeline for Hong Kong's domestic workers
Foreign domestic workers have become indispensable for many families in Hong Kong. However, their physical and mental health are sometimes affected by busy schedules and lack of space and exercise. Now some have found a lifeline, thanks to a personal trainer who offers them free fitness classes. Benny Lu from BBC Chinese went to investigate.

Sri Lanka's doctor exodus
Huge numbers of doctors and other professionals are leaving Sri Lanka due to the economic situation and escalating taxes. BBC Sinhala's Sampath Dissanayake reports on what led to this crisis and the impact it is having on Sri Lankans.

(Photo: Extreme flooding in Somalia. Credit: BBC)
[Episode References]
- Mass Exploitation of (Un)authenticated Zimbra RCE: CVE-2022-27925 - https://www.volexity.com/blog/2022/08/10/mass-exploitation-of-unauthenticated-zimbra-rce-cve-2022-27925/
- Cisco Talos shares insights related to recent cyber attack on Cisco - https://blog.talosintelligence.com/2022/08/recent-cyber-attack.html
- Andariel deploys DTrack and Maui ransomware - https://securelist.com/andariel-deploys-dtrack-and-maui-ransomware/107063/
- “BazarCall” Advisory: Essential Guide to Attack Vector that Revolutionized Data Breaches - https://www.advintel.io/post/bazarcall-advisory-the-essential-guide-to-call-back-phishing-attacks-that-revolutionized-the-data
- The quantum state of Linux kernel garbage collection CVE-2021-0920 (Part I) - https://googleprojectzero.blogspot.com/2022/08/the-quantum-state-of-linux-kernel.html

[Credits]
Presentation: Carlos Cabral
Script: Carlos Cabral and Daniel Venzi
Audio editing: Paulo Arruzzo
Closing narration: Bianca Garcia
Graphic design: Julian Prieto
Jane Lo, Singapore Correspondent, speaks with Kyoung-ju Kwak, head of TALON, the CTI Group of S2W. Kyoung-ju currently works on threat intelligence. He was previously Adjunct Professor at Sungkyunkwan University and audited the National SCADA system and the Ministry of Land with “the Board of Audit and Inspection of Korea” as an Auditor General in 2016. He currently acts as a member of the National Police Agency Cybercrime Advisory Committee. Kay is the main author of the threat intelligence report “Campaign Rifle: Andariel, the Maiden of Anguish”, published in 2017. In the report, he first attributed a new threat actor, Andariel. He has spoken at various international conferences such as BlackHat Europe, BlackHat Asia, Kaspersky SAS, HITCON, PACSEC, and more.

In this podcast, Kay provided insights on the cyber activities of North Korea, given his expertise in darkweb intelligence and experience in understanding the North Korea cyber threat landscape, and his firm's (S2W) support to Interpol's recent Operation Cyclone. He shared his views on how North Korea's cyber activities under threat actor groups such as Lazarus and Andariel (APT39) compare to those of other nation-state actors in terms of levels of sophistication (for example, reconnaissance and social engineering) and attacking styles. Notwithstanding the challenges in attribution, he pointed to the extra care that cyber threat intelligence (CTI) researchers exercise in publishing their reverse engineering work and the risks of over-disclosure. Given North Korea's high-profile cyber attacks and its evolution into an advanced threat actor, he also gave his thoughts on how the nation group gained their cyber skills and expertise over the years.

Despite the relative decline in the number of cyber incidents attributed to North Korea last year, and the successful efforts by Europol and Interpol, Kay cautioned cyber defenders against jumping too quickly to the conclusion that the North Korean cyber threat landscape is slowing down. Recorded 10th December 2021, Korea Standard Time (9am)/Singapore (8am).
North Korea is a country shrouded in myth that has recently made a startling entrance onto the hacker scene. What kinds of groups are attacking targets around the world, and what are their goals? We discuss North Korea's IT security history over the past 25 years, what they are doing right now, and what we think they will do next. It is certainly an interesting story, one that shows as much about creative methods of survival as about how much feuding there really is within the Kim family.
This Week in Crypto - Bitcoin, Ethereum, Blockchain, and Cryptocurrency News
This is your daily roundup for Sunday, September 15, 2019. The Libra Association will face questions from European Central Banks, OKEX has delisted five privacy coins, the U.S. has sanctioned three North Korean entities for cyber crimes, and former Consensys employee Harrison Hines is launching a crypto-native alternative to GitHub.

Today in Crypto – September 15, 2019

The U.S. has sanctioned three North Korean entities for cyber crimes. The three groups, Lazarus Group, Bluenoroff and Andariel, are believed to be responsible for the theft of $571 million worth of crypto from five exchanges in Asia in 2017 and 2018. The Treasury department believes the stolen funds have been used in the development of nuclear weapons. A recent U.N. report alleges that North Korea has stolen $2 billion worth of crypto and fiat currencies in 35 separate attacks in 17 countries, including South Korea’s UPbit exchange, which may have been one of the targets of North Korea’s phishing attacks.

OKEX Delists 5 Privacy Coins

South Korean exchange OKEX announced the delisting of five privacy coins, including Monero (XMR), dash, zcash (ZEC), horizen (ZEN) and super bitcoin (SBTC). OKEX stated “it is recommended that exchanges be able to collect relevant information such as the name and address of the sender and recipient of the virtual asset.” OKEX cited the “travel rule” recommendation from the Financial Action Task Force (FATF) as the reason for pulling the five coins. Coinbase UK also dropped support for zcash last month, likely due to the need to identify users when required by authorities. This comes in response to the Financial Action Task Force guidelines, requiring that virtual asset service providers, such as exchanges, pass along information about their customers to one another when transferring funds between firms.
European Central Banks To Grill Libra

The Libra Association will face questions from 26 central banks over its perceived risks to financial stability. According to the Financial Times, Libra will be expected to answer questions on its planned scope and structure at the Committee on Payments and Market Infrastructure Forum. European Central Bank executive board member Benoit Coeure, who will chair the meeting, stated “We’ve got to look very carefully at these projects, the bar for regulatory approval has been set very high.” The central banks’ findings will likely be included in an October report for the G7 nations.

GitHub Crypto-Native Alternative

Former head of Token Foundry at Consensys, Harrison Hines, is launching a crypto-native alternative to GitHub. The startup, called Terminal, closed a $3.7 million seed round in late 2018 to build a developer hub for decentralized applications. The hub quietly went live over the summer and is undergoing a soft launch this week. Notably, Hines filed a legal complaint this June against ConsenSys founder Joseph Lubin, alleging Consensys owed him $13 million in unpaid profits and benefits. Hines says the issue has since been resolved outside of court, further stating “We are planning to, hopefully, get every ConsenSys project onto Terminal, I do think there are opportunities for us to work with several of them in the future.”

Binance Invests In Chinese Crypto Media

Binance has made an investment in Chinese crypto media and data source Mars Finance. Binance CEO CZ stated “We have large respect for data, news and research firms which support the positive growth of the blockchain industry. We will continue to pursue strategic investment opportunities in our mission to bring crypto further mainstream, increase adoption and accessibility, and help the industry grow sustainably.” A report from Bloomberg estimates the company to be valued at $200 million.
In this week's episode, David talks about DLC. Jamie explains his last requests.
Nude Clan: A Video Game Podcast | Part of the [Nude]Clan gaming network
Diablo II
Kaleb Schweiss
Diablo II is an action-based, hack-and-slash RPG by Blizzard North. The game was published in 2000 for Windows and Mac. The game’s design was done by David Brevik and Erich Schaefer, who acted as a project lead for the game. Diablo II built on the success of the first game in the series, and was one of the most popular games of 2000. The continuation of its fantasy themes from the first entry, and the access to Blizzard’s free online play service through Battle.net, were major factors in its popularity. The servers are still available through Battle.net, and they even had a major patch release in March of 2016. There was an expansion for Diablo II, titled Lord of Destruction, released in 2001, of which I have played about half.
The game progresses through four portions, divided up into acts. Each one follows a set of objectives, but still holds true to the randomly generated areas of the first game. Diablo II also introduces more side quests, mainly in the form of optional dungeons with an uber loot chest at the end. Diablo II has much more variety in environments, where Diablo I only had the floors in, and below, the monastery. Diablo II also introduces three difficulty levels. Normal, Nightmare, and Hell are unlocked once the game is beaten on normal. Higher difficulty means harder enemies, and less resistances, but it also means better loot. The player can return to a lower difficulty at any time. Diablo II brings a couple more character selections to the table. You can play as an Amazon, Necromancer, Barbarian, Sorceress, and Paladin. Lord of Destruction also added the Druid and Assassin classes.
Diablo II’s story begins right after the events of Diablo. The great and powerful warrior, Husk, defeated Diablo in the first game, and tried to contain his essence within his body. Since then, Husk has become corrupted by the demon’s spirit, and has caused demons to enter the world.
Stories begin to be told in reference to this “Dark Wanderer”. We later find that the soulstones were originally designed to capture the Prime Evils who were banished to the mortal realm after being overthrown by their lessers. When Diablo’s soulstone became corrupted, the demon was able to control the Dark Wanderer. The soulstone of Baal, another demon, was united with the mage Tal-Rasha, who volunteered to absorb the spirit into his body and be imprisoned. The story is told from the perspective of a drifter named Marius. Marius is following the Dark Wanderer, and finds that he means to unite with the other Prime Evils.
Act I: Rescue Cain from Tristram, follow Dark Wanderer. Wanderer gets Andariel to corrupt the Sisters of the Sightless Eye and take over their monastery. Overcome, yada yada.
Act II: You head east, in search of Tal Rasha’s tomb. Marius and the Dark Wanderer get there first, and Marius is deceived into removing Baal’s soulstone from Tal-Rasha, and Tyrael, an Archangel, orders Marius to take the soulstone to hell to destroy it. The Dark Wanderer joins Mephisto and Baal, opens a portal to hell, and sheds his skin to become Diablo.
Act III: Mephisto is killed guarding the entrance to The Temple of Kurast. The character takes his soulstone, and goes to Hell.
Act IV: Slay Diablo, and destroy the soulstones of Mephisto and Diablo on the Hellforge, preventing their return.
Scores (Kaleb Schweiss / Joe):
Story: 8 / 8
Gameplay: 10 / 10
Design: 10 / 10
Music/Sound: 10 / 10
Replayability: 10 / 10
We basically talk about nothing this week and yet still go horribly off the rails. It's a good thing we don’t still need subs and we can coast or this might be awkward. We talk about the new cosmetics added to the game in 2.4.1 and where to find your guides to find your loot to find your perfect look. Included also is a link to the DiabloFans build section so you can find the perfect build for you as voted on by the community. Just conform already. Everybody’s doing it. After that we talk about what we would like to see in Diablo 3 and/or Diablo 4, I think it's safe to say we want to see more flowers and teddy bears backed by 8 bit music. The heart and soul of the Diablo experience. Lastly we break down a totally meta build in our non-meta build breakdown section. We like to reign in new sections by doing them completely wrong. Still less wrong than Andariel’s tassels.
Drahque’s Guide found on Reddit https://docs.google.com/spreadsheets/d/1gCq8ihJBcYDZpPICFqA407fL0Fl_K9PMBp83npy5DcM/htmlview?usp=sharing&sle=true
Quin’s Cosmetics Guide https://www.youtube.com/watch?v=AT52fKRo0_k&feature=youtu.be
Data Mined Reference for Pets/Wings http://www.diablofans.com/news/48667-new-ptr-patch-datamined-march-2nd
Diablo Fans Builds Section http://www.diablofans.com/builds
Season 6 Details http://us.battle.net/d3/en/blog/20099644/first-look-season-6-journey-4-21-2016
You can E-Mail the show at: NephalemofSanctuary@gmail.com
You can support the show at: https://www.patreon.com/nospodcast?u=3108641&ty=h
Find the show on Twitter at @nospodcast
Find Devon on Twitter at @Kulanah
Find Colin on Twitter at @InukshukNOS
Affiliate links: Audible: http://amzn.to/1VKQHBb
Thatswecalltechno009-RF Sound by Thatswecalltechno Podcast on Mixcloud
Tracklist:
1. RF:Sound - Silence (Intro)
2. Stanislav Tolkachev - Back to my self // [SUBSIST]
3. Northem Estructures - Self Similarity // [SONIC GROOVE]
4. Rafal Furst - Bankowa // [AUDIOEXIT RECORDS]
5. SP-X - Flux // [KOMISCH]
6. RF:Sound - No exit // [AUDIOEXIT RECORDS]
7. RF:Sound - Kha
8. Lolo aka Acidus - Dino
9. Robert Hood -. Bells at dusk // [M-PLANT]
10. RF:Sound - D.R.S.T
11. Lucy & Herculino - Gmork [Luke Slater remix] // [ARTEFACTS STROBOSCOPS]
12. Andariel - what do you want from me // [SINGULARITY REC.]
13. CBTØ - Ø // [Forthcoming SOUNDSOURCE]
14. Surgeon - Shaper of the unkwnow // [COUNTERBALANCE]
15. Surgeon - Radiance // [DYNAMIC TENSION]
16. hadji - mutavluk na najjache // [LABRYNTH]
17. Oscar Mulero - Horses // [POLE]
18. Obscurum - Dom (fanon flower remix) // [PLANET RHYTHM]
19. Radial - Off the records // [PLANTE RHYTHM]
20. Lolo Aka Acidus - Combustión / [Unreleased]
21. Mike Parker - Subterranean liquid [PROLOGUE]
22. Oscar Mulero - Repeater // [WARM UP RECORDINGS]
23. Lolo aka acidus - cerebral
24. RF:Sound - SyV
25. Silent servant - el mar (Svreca remix) // [SEMANTICA RECORD]
Rf:Sound on Soundcloud