A sub-cluster within the infamous Lazarus Group has established new infrastructure that impersonates skills assessment portals as part of its social engineering campaigns.
Microsoft attributed the activity to a threat actor it calls Sapphire Sleet, describing it as a “shift in the persistent actor’s tactics.”
Sapphire Sleet, also called APT38, BlueNoroff, CageyChameleon, and CryptoCore, has a