Spot the Difference: Earth Kasha’s New LODEINFO Campaign And The Correlation Analysis With The APT10 Umbrella

LODEINFO is a malware used in attacks targeting mainly Japan since 2019. Trend Micro has been tracking the group as Earth Kasha. While some vendors suspect that the actor using LODEINFO might be APT10, we don’t have enough evidence to Read More …

Casio Faces Cyberattack: Service Disruptions and Delayed G-Shock Releases

Casio, a well-known Japanese electronics company, experienced a significant cyberattack on October 5th. The company reported that an unidentified third party illegally accessed its network, causing system failures and service disruptions. In a statement on October 8th, Casio expressed regret Read More …

Japan: JMSDF set to establish a new “Fleet Information Warfare” command

The move would strengthen the JMSDF’s response capabilities to integrated information warfare, especially in the cognitive dimension. Most notably, the new reorganization process will abolish the current Fleet Intelligence Command (艦隊情報群), the only specialized intelligence unit in the JMSDF. The Read More …

An investigation into the tools and methods used by the Higaisa group

In March 2020 specialists from the PT Expert Security Center conducted an analysis on the activities of the APT group Higaisa. This group was first studied by security analysts at Tencent in November 2019. In that analysis, Tencent specialists reached Read More …

Kadokawa confirms data leak of 254,000 people due to cyberattack

Japanese publisher Kadokawa has confirmed a data leak affecting 254,241 people due to a cyberattack. The finding, announced Monday, is based on an investigation by third-party experts. Of the leaked data, information of 186,269 people was related to Kadokawa Dwango Read More …

APT40 Advisory PRC MSS tradecraft in action

The PRC state-sponsored cyber group has previously targeted organisationsin various countries, including Australia and the United States, and the techniques highlighted below are regularly used by other PRC state-sponsored actors globally. Therefore, the authoring agencies believe the group, and similar Read More …

Japan: MSDF chief may quit over widespread mishandling of secret info

Several Maritime Self-Defense Force vessels reportedly allowed unvetted personnel to handle top secret information related to national security, with the MSDF’s top uniformed officer signaling his intention to resign over the latest breach. Ryo Sakai, the MSDF’s chief of staff Read More …

Japan’s space agency was hit by multiple cyberattacks, but officials say no sensitive data was taken

Japan’s space agency has suffered a series of cyberattacks since last year, but sensitive information related to rockets and satellites was not affected and it is continuing to investigate and take preventive measures, officials said Friday. Chief Cabinet Secretary Yoshimasa Read More …

The Updated APT Playbook: Tales from the Kimsuky threat actor group

Rapit7 team recently ran across some interesting activity that they believe is the work of the Kimsuky threat actor group, also known as Black Banshee or Thallium. Originating from North Korea and active since at least 2012, Kimsuky focuses primarily on Read More …

Tech giant Fujitsu says it was hacked, warns of data breach

Multinational technology giant Fujitsu confirmed a cyberattack in a statement Friday, and warned that hackers may have stolen personal data and customer information. “We confirmed the presence of malware on multiple work computers at our company, and as a result Read More …