Tag: north-korea
-
North Korean APT Exploited IE Zero-Day in Supply Chain Attack
A Pyongyang-aligned APT was caught exploiting a recent zero-day in Internet Explorer in a supply chain attack. First seen on securityweek.com Jump to article: www.securityweek.com/north-korean-apt-exploited-ie-zero-day-in-supply-chain-attack/
-
North Korean Fake IT Workers Extort Employers After Stealing Data
North Korean nationals posing as IT workers have been extorting their employers after gaining insider access. First seen on securityweek.com Jump to article: www.securityweek.com/north-korean-fake-it-workers-extort-employers-after-stealing-data/
-
Biz hired, and fired, a fake North Korean IT worker then the ransom demands began
‘My webcam isn’t working today’ is the new ‘The dog ate my network’ First seen on theregister.com Jump to article: www.theregister.com/2024/10/18/ransom_fake_it_worker_scam/
-
North Korean IT Worker Schemes Evolve: From Salary Scams to Cyber Extortion
A new report from Secureworks® Counter Threat Unit (CTU) researchers has revealed a disturbing escalation in the tactics used by North Korean government-linked actors who fraudulently secure IT jobs at... First seen on securityonline.info Jump to article: securityonline.info/north-korean-it-worker-schemes-evolve-from-salary-scams-to-cyber-extortion/
-
IT Security: North Korea Astonishes with High-Tech Cyberattacks
Reports about state-sponsored cyberattacks mostly concern Russia and China, and less often North Korea. Yet the dictatorship there is very active in this area, with some peculiarities. First seen on golem.de Jump to article: www.golem.de/news/it-sicherheit-nordkorea-verbluefft-mit-high-tech-cyberangriffen-2410-189903.html
-
Organization Hacked Following Accidental Hiring of North Korean Remote IT Worker
A company has fallen victim to a cyberattack after unknowingly hiring a North Korean cybercriminal as a remote IT worker. The unidentified firm, based in the UK, US, or Australia, discovered the breach after the hacker downloaded sensitive data and issued a ransom demand. The incident highlights the growing threat of North Korean operatives infiltrating…
-
Pyongyang on the payroll? Signs that your company has hired a North Korean IT worker
Tags: north-korea
SecureWorks has released research that dives into the tell-tale behaviors behind remote employees that may be working on behalf of North Korea. First seen on cyberscoop.com Jump to article: cyberscoop.com/north-korean-it-workers-secureworks-report/
-
A new Linux variant of FASTCash malware targets financial systems
North Korea-linked actors deploy a new Linux variant of FASTCash malware to target financial systems, researcher HaxRob revealed. The cybersecurity researcher HaxRob analyzed a new variant of the FASTCash “payment switch…
-
North Korean Hackers Use New Backdoor And RAT For Attacks
As per recent reports, North Korean hackers have been observed using a new backdoor and remote access trojan as part of their attack campaign. VeilShell, the new tool, is primarily being used to target Southeast Asian countries. In this article, we’ll dive into the details and uncover how such attacks are carried out. Let’s begin! …
-
Updated malware payloads deployed in new North Korean job seeking scams
First seen on scworld.com Jump to article: www.scworld.com/brief/updated-malware-payloads-deployed-in-new-north-korean-job-seeking-scams
-
North Korean Threat Actors Deploy Malware via Job-Seeking Scams
First seen on scworld.com Jump to article: www.scworld.com/brief/north-korean-threat-actors-deploy-malware-via-job-seeking-scams
-
Two updated malware strains used in North Korean fake recruiter scams
First seen on therecord.media Jump to article: therecord.media/updated-malware-strains-north-korea
-
N. Korean Hackers Use Fake Interviews to Infect Developers with Cross-Platform Malware
Threat actors with ties to North Korea have been observed targeting job seekers in the tech industry to deliver updated versions of known malware families tracked as BeaverTail and InvisibleFerret. The activity cluster, tracked as CL-STA-0240, is part of a campaign dubbed Contagious Interview that Palo Alto Networks Unit 42 first disclosed in November 2023. “The threat…
-
Feds reach for sliver of crypto-cash nicked by North Korea’s notorious Lazarus Group
A couple million will do for a start … but Kim’s crews are suspected of stealing much more First seen on theregister.com Jump to article: www.theregister.com/2024/10/08/us_lazarus_group_crypto_seizure/
-
North Korean APT Group Kimsuky Exploits DMARC Misconfigurations for Sophisticated Phishing Attacks
Email security has long been a critical pillar in defending organizations against cyberattacks, but recent reports reveal that even widely trusted protections like Domain-based Message Authentication, Reporting & Conformance (DMARC)... First seen on securityonline.info Jump to article: securityonline.info/north-korean-apt-group-kimsuky-exploits-dmarc-misconfigurations-for-sophisticated-phishing-attacks/
-
DOJ Wants to Claw Back $2.67 Million Stolen by Lazarus Group
The DOJ wants to seize $2.67 million from the $69 million in crypto the North Korean-backed Lazarus Group stole from the options exchange Deribit in 2022 and online gambling platform Stake.com last year. First seen on securityboulevard.com Jump to article: securityboulevard.com/2024/10/doj-wants-to-claw-back-2-67-million-stolen-by-lazarus-group/
-
SHROUDED#SLEEP: APT37’s Advanced Evasion and Persistence Tactics in Southeast Asia
In a recent discovery, the Securonix Threat Research team, led by Den Iuzvyk and Tim Peck, has uncovered a stealthy malware campaign attributed to North Korea’s APT37, also known as... First seen on securityonline.info Jump to article: securityonline.info/shroudedsleep-apt37s-advanced-evasion-and-persistence-tactics-in-southeast-asia/
-
DPRK’s APT37 Targets Cambodia With Khmer, ‘VeilShell’ Backdoor
It’s North Korea versus Cambodia, with Windows default settings and sheer patience allowing the bad guys to avoid easy detection. First seen on darkreading.com Jump to article: www.darkreading.com/cyberattacks-data-breaches/dprk-apt37-cambodia-khmer-veilshell-backdoor
-
Breach Roundup: AI ‘Nudify’ Sites Serve Malware
Tags: ai, breach, cybercrime, group, hacking, insurance, malware, north-korea, scam, vulnerability, windows
Also: Prison Sentences for BEC Scammers and a West African Cybercrime Crackdown. This week, AI nudify sites spread malware, BEC scammers head to prison, London man charged with hacking, and a Spanish insurance company with a breach. Also, a North Korean hacking group and a West African crackdown on online scammers. And, a Schrödinger Windows…
-
North Korea ‘Shrouded Sleep’ malware campaign targeting Cambodia, other Southeast Asian nations
First seen on therecord.media Jump to article: therecord.media/north-korea-malware-espionage-cambodia
-
North Korean Hackers Using New VeilShell Backdoor in Stealthy Cyber Attacks
Threat actors with ties to North Korea have been observed delivering a previously undocumented backdoor and remote access trojan (RAT) called VeilShell as part of a campaign targeting Cambodia and likely other Southeast Asian countries. The activity, dubbed SHROUDED#SLEEP by Securonix, is believed to be the handiwork of APT37, which is also known as InkySquid, Reaper,…
-
CIA Seeks Informants In North Korea, Iran, And China
First seen on packetstormsecurity.com Jump to article: packetstormsecurity.com/news/view/36427/CIA-Seeks-Informants-In-North-Korea-Iran-And-China.html
-
Private US companies targeted by Stonefly APT
Undeterred by the indictment issued against one of its alleged members, North Korean APT group Stonefly (aka APT45) continues to target companies in the US, Symantec threat … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2024/10/03/private-us-companies-targeted-by-stonefly-apt/
-
North Korean Stonefly Group Continues Attacks on US Targets
Symantec’s Threat Hunter Team reveals that Stonefly, a North Korean cyberespionage group, persists in targeting U.S. organizations despite recent indictments and a multi-million dollar reward offered for information leading to... First seen on securityonline.info Jump to article: securityonline.info/north-korean-stonefly-group-continues-attacks-on-us-targets/
-
North Korea’s ‘Stonefly’ APT Swarms US Private Co’s. for Profit
Despite a $10 million bounty on one member, APT45 is not slowing down, pivoting from intelligence gathering to extorting funds for Kim Jong-Un’s regime. First seen on darkreading.com Jump to article: www.darkreading.com/vulnerabilities-threats/stonefly-apt-us-private-cos-north-korean-profit
-
North Korean’s Stonefly shifts from espionage to ransomware, extortion
First seen on scworld.com Jump to article: www.scworld.com/news/north-koreans-stonefly-shifts-from-espionage-to-ransomware-extortion
-
Warnings Mount Over Fake North Korean IT Workers
German Domestic Intelligence Agency Says German Companies Have Fallen For Scam. The German federal domestic intelligence agency is adding to warnings over North Korean IT workers obtaining remote work in Western tech companies. The world’s most secretive and repressive regime looks for multiple ways to circumvent strict economic sanctions. First seen on govinfosecurity.com Jump to…
-
Stonefly Group Targets US Firms With New Malware Tools
North Korean APT Stonefly continues to launch cyber-attacks on US firms despite July indictment First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/stonefly-targets-us-firms-new/