Tag: korea
-
Kimsuky APT Deploying Linux Backdoor Gomir in South Korean Cyber Attacks
by
in SecurityNewsThe Kimsuky (aka Springtail) advanced persistent threat (APT) group, which is linked to North Korea’s Reconnaissance General Bureau (RGB), has been ob… First seen on thehackernews.com Jump to article: thehackernews.com/2024/05/kimsuky-apt-deploying-linux-backdoor.html
-
Feds Bust N. Korean Identity Theft Ring Targeting US Firms
by
in SecurityNewsNorth Korea targeted US companies with stolen identities in a cybercrime scheme. The Justice Department cracks down, seizes websites, and disrupts rev… First seen on hackread.com Jump to article: www.hackread.com/feds-bust-n-korean-identity-theft-ring-us-firms/
-
North Korea-linked Kimsuky used a new Linux backdoor in recent attacks
by
in SecurityNewsSymantec warns of a new Linux backdoor used by the North Korea-linked Kimsuky APT in a recent campaign against organizations in South Korea. Symantec… First seen on securityaffairs.com Jump to article: securityaffairs.com/163364/apt/kimsuky-new-linux-backdoor.html
-
North Korea-linked IT workers infiltrated hundreds of US firms
by
in SecurityNewsThe U.S. Justice Department charged five individuals, including a U.S. woman, for aiding North Korea-linked IT workers to infiltrate 300 firms. The Ju… First seen on securityaffairs.com Jump to article: securityaffairs.com/163349/intelligence/north-korea-linked-it-workers-infiltrated-us-firms.html
-
North Korea-linked Kimsuky APT attack targets victims via Messenger
by
in SecurityNewsNorth Korea-linked Kimsuky APT group employs rogue Facebook accounts to target victims via Messenger and deliver malware. Researchers at Genius Securi… First seen on securityaffairs.com Jump to article: securityaffairs.com/163265/apt/north-korea-kimsuky-apt-uses-messenger.html
-
North Korea IT Worker Scam Brings Malware and Funds Nukes
by
in SecurityNewsWTH? DPRK IT WFH: Justice Department says N. Korean hackers are getting remote IT jobs, posing as Americans. The post K IT WFH: Justice Department say… First seen on securityboulevard.com Jump to article: securityboulevard.com/2024/05/dprk-remote-it-jobs-richixbw/
-
Kimsuky hackers deploy new Linux backdoor in attacks on South Korea
by
in SecurityNewsThe North Korean hacker group Kimsuki has been using a new Linux malware called Gomir that is a version of the GoBear backdoor delivered via trojanize… First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/kimsuky-hackers-deploy-new-linux-backdoor-in-attacks-on-south-korea/
-
Five charged for cyber schemes to benefit North Korea’s weapons program
by
in SecurityNews‹The U.S. Justice Department charged five individuals today, a U.S. Citizen woman, a Ukrainian man, and three foreign nationals, for their involvement… First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/five-charged-for-cyber-schemes-to-benefit-north-koreas-weapons-program/
-
North Korean Hackers Spoofing Journalist Emails to Spy on Policy Experts
by
in SecurityNewsThe US warns that the North Korea-linked Kimsuky group is exploiting poorly configured DMARC protocols to spoof legitimate domains in espionage phishi… First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/north-korean-spoofing-journalist/
-
North Korea’s Lazarus Group Deploys New Kaolin RAT via Fake Job Lures
by
in SecurityNewsThe North Korea-linked threat actor known as Lazarus Group employed its time-tested fabricated job lures to deliver a new remote access trojan called … First seen on thehackernews.com Jump to article: thehackernews.com/2024/04/north-koreas-lazarus-group-deploys-new.html
-
NSA warns of North Korean hackers exploiting weak DMARC email policies
by
in SecurityNewsThe NSA and FBI warned that the APT43 North Korea-linked hacking group exploits weak email Domain-based Message Authentication Reporting and Conforman… First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/nsa-warns-of-north-korean-hackers-exploiting-weak-dmarc-email-policies/
-
Cryptohack Roundup: Geosyn Fraud Lawsuit
by
in SecurityNewsAlso: North Korea Money Laundering and South Korean Crypto Police. This week, SEC filed suit against Geosyn, prosecutors fought dismissed Tornado Cash… First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/cryptohack-roundup-geosyn-fraud-lawsuit-a-24999
-
Microsoft Warns: North Korean Hackers Turn to AI-Fueled Cyber Espionage
by
in SecurityNewsMicrosoft has revealed that North Korea-linked state-sponsored cyber actors has begun to use artificial intelligence (AI) to make its operations more … First seen on thehackernews.com Jump to article: thehackernews.com/2024/04/microsoft-warns-north-korean-hackers.html
-
North Korea APT Triumvirate Spied on South Korean Defense Industry For Years
by
in SecurityNewsLazarus, Kimsuky, and Andariel all got in on the action, stealing important data from firms responsible for defending their southern neighbors (from t… First seen on darkreading.com Jump to article: www.darkreading.com/cyberattacks-data-breaches/north-korea-apt-triumvirate-spied-on-south-korean-defense-industry-for-years
-
New Android Trojan ‘SoumniBot’ Evades Detection with Clever Tricks
by
in SecurityNewsA new Android trojan called SoumniBot has been detected in the wild targeting users in South Korea by leveraging weaknesses in the manifest extraction… First seen on thehackernews.com Jump to article: thehackernews.com/2024/04/new-android-trojan-soumnibot-evades.html
-
North Korea-linked APT groups target South Korean defense contractors
by
in SecurityNewsThe National Police Agency in South Korea warns that North Korea-linked threat actors are targeting defense industry entities. The National Police Age… First seen on securityaffairs.com Jump to article: securityaffairs.com/162193/apt/north-korea-south-korean-defense-contractors.html
-
DPRK hacking groups breach South Korean defense contractors
by
in SecurityNewsThe National Police Agency in South Korea issued an urgent warning today about North Korean hacking groups targeting defense industry entities to stea… First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/dprk-hacking-groups-breach-south-korean-defense-contractors/
-
North Korean Hackers Hijack Antivirus Updates for Malware Delivery
by
in SecurityNewsA North Korea-linked threat actor hijacked the update mechanism of eScan antivirus to deploy backdoors and cryptocurrency miners. The post Korea-linke… First seen on securityweek.com Jump to article: www.securityweek.com/north-korean-hackers-hijack-antivirus-updates-for-malware-delivery/
-
A Vigilante Hacker Took Down North Korea’s Internet. Now He’s Taking Off His Mask
by
in SecurityNewsAs P4x, Alejandro Caceres single-handedly disrupted the internet of an entire country. Then he tried to show the US military how it can”and should”ad… First seen on wired.com Jump to article: www.wired.com/story/p4x-north-korea-internet-hacker-identity-reveal/
-
Cyber-attacks by North Korea raked in $3bn to build nuclear weapons, UN monitors suspect
by
in SecurityNewsFirst seen on theguardian.com Jump to article: www.theguardian.com/world/2024/feb/08/cyber-attacks-by-north-korea-raked-in-3bn-to-build-nuclear-weapons-un-monitors-suspect
-
That Asian meal you eat on holidays could launder money for North Korea
by
in SecurityNewsFirst seen on theregister.com Jump to article: www.theregister.com/2024/03/25/un_north_korea_report/
-
Palo Alto Networks Releases Fixes for Firewall Zero-Day as Attribution Attempts Emerge
by
in SecurityNewsPalo Alto Networks has started releasing hotfixes for the firewall zero-day CVE-2024-3400, which some have linked to North Korea’s Lazarus. The post … First seen on securityweek.com Jump to article: www.securityweek.com/palo-alto-networks-releases-fixes-for-firewall-zero-day-as-first-attribution-attempts-emerge/
-
Palo Alto Networks Releases Fixes for Firewall Zero-Day as First Attribution Attempts Emerge
by
in SecurityNewsPalo Alto Networks has started releasing hotfixes for the firewall zero-day CVE-2024-3400, which some have linked to North Korea’s Lazarus. The post … First seen on securityweek.com Jump to article: www.securityweek.com/palo-alto-networks-releases-fixes-for-firewall-zero-day-as-first-attribution-attempts-emerge/
-
N. Korea-linked Kimsuky Shifts to Compiled HTML Help Files in Ongoing Cyberattacks
by
in SecurityNewsThe North Korea-linked threat actor known as Kimsuky (aka Black Banshee, Emerald Sleet, or Springtail) has been observed shifting its tactics, leverag… First seen on thehackernews.com Jump to article: thehackernews.com/2024/03/n-korea-linked-kimsuky-shifts-to.html
-
It’s 2024 And North Korea’s Kimsuky Gang Is Exploiting Windows Help Files
by
in SecurityNewsFirst seen on packetstormsecurity.com Jump to article: packetstormsecurity.com/news/view/35682/Its-2024-And-North-Koreas-Kimsuky-Gang-Is-Exploiting-Windows-Help-Files.html
-
North Korea-Linked Group Levels Multistage Cyberattack on South Korea
by
in SecurityNewsKimsuky-attributed campaign uses eight steps to compromise systems ” from initial execution to downloading additional code from Dropbox, and executing… First seen on darkreading.com Jump to article: www.darkreading.com/vulnerabilities-threats/north-korea-linked-group-level-multistage-cyberattack-on-south-korea
-
North Korea’s Kimsuky Group Equipped to Exploit Windows Help files
by
in SecurityNewsCybersecurity experts have uncovered a sophisticated cyber espionage campaign orchestrated by the North Korean threat actor group Kimsuky, Black Bansh… First seen on gbhackers.com Jump to article: gbhackers.com/kimsuky-group-exploit-windows-help-files/
-
North Koreas Kimsuky Group Equipped to Exploit Windows Help files
by
in SecurityNewsCybersecurity experts have uncovered a sophisticated cyber espionage campaign orchestrated by the North Korean threat actor group Kimsuky, Black Bansh… First seen on gbhackers.com Jump to article: gbhackers.com/kimsuky-group-exploit-windows-help-files/
-
Its 2024 And North Koreas Kimsuky Gang Is Exploiting Windows Help Files
by
in SecurityNewsFirst seen on packetstormsecurity.com Jump to article: packetstormsecurity.com/news/view/35682/Its-2024-And-North-Koreas-Kimsuky-Gang-Is-Exploiting-Windows-Help-Files.html