Cybersecurity

DPRK Exploits 2 MITRE Sub-Techniques: Phantom DLL Hijacking, TCC Abuse

This month, MITRE will be adding two sub-techniques to its ATT&CK database that have been widely exploited by North Korean threat actors. The first, not entirely new, sub-technique involves manipulation of Transparency, Consent, and Control (TCC), a security protocol that regulates application permissions on Apple’s macOS. The other — called “phantom” dynamic link library (DLL) […]