Tag: north-korea
-
North Korea-linked APT37 exploited IE zero-day in a recent attack
Tags: attack, exploit, group, Internet, korea, north-korea, supply-chain, threat, vulnerability, zero-dayNorth Korea-linked group APT37 exploited an Internet Explorer zero-day vulnerability in a supply chain attack. A North Korea-linked threat actor, trac… First seen on securityaffairs.com Jump to article: securityaffairs.com/169983/apt/north-korea-apt37-ie-zero-day.html
-
North Korean Hackers Exploit Zero-Day Flaw (CVE-2024-38178) in >>Operation Code on Toast<<
A joint report by AhnLab Security Emergency response Center (ASEC) and the National Cyber Security Center (NCSC) has revealed a new zero-day vulnerabi… First seen on securityonline.info Jump to article: securityonline.info/north-korean-hackers-exploit-zero-day-flaw-cve-2024-38178-in-operation-code-on-toast/
-
Organization Hacked Following Accidental Hiring of North Korean Remote IT Worker
A company has fallen victim to a cyberattack after unknowingly hiring a North Korean cybercriminal as a remote IT worker. The unidentified firm, based… First seen on gbhackers.com Jump to article: gbhackers.com/organization-hacked/
-
North Korean IT Scam Workers Shift to Extortion Tactics
Report Reveals North Korean Workers Expanding into Intellectual Property Theft. North Korean threat actors posing as remote information technology wor… First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/north-korean-scam-workers-shift-to-extortion-tactics-a-26564
-
North Korean APT Exploited IE Zero-Day in Supply Chain Attack
A Pyongyang-aligned APT was caught exploiting a recent zero-day in Internet Explorer in a supply chain attack. The post North Korean APT Exploited IE … First seen on securityweek.com Jump to article: www.securityweek.com/north-korean-apt-exploited-ie-zero-day-in-supply-chain-attack/
-
North Korean Fake IT Workers Extort Employers After Stealing Data
North Korean nationals posing as IT workers have been extorting their employers after gaining insider access. The post North Korean Fake IT Workers Ex… First seen on securityweek.com Jump to article: www.securityweek.com/north-korean-fake-it-workers-extort-employers-after-stealing-data/
-
Nordkoreanische Cyberspionage gefährdet internationale Sicherheit
In den letzten Jahren hat Nordkorea seine Fähigkeiten in der Cyberspionage enorm ausgebaut und gezielte Hackerangriffe auf internationale Unternehmen … First seen on netzpalaver.de Jump to article: netzpalaver.de/2024/10/10/nordkoreanische-cyberspionage-gefaehrdet-internationale-sicherheit/
-
N. Korean Hackers Use Fake Interviews to Infect Developers with Cross-Platform Malware
Threat actors with ties to North Korea have been observed targeting job seekers in the tech industry to deliver updated versions of known malware fami… First seen on thehackernews.com Jump to article: thehackernews.com/2024/10/n-korean-hackers-use-fake-interviews-to.html
-
North Korean Hackers Deploy Linux FASTCash Malware for ATM Cashouts
First seen on hackread.com Jump to article: hackread.com/north-korean-hackers-linux-fastcash-malware-atm-cashouts/
-
North Korean fake IT worker scheme evolves to include extortion
First seen on scworld.com Jump to article: www.scworld.com/brief/north-korean-fake-it-worker-scheme-evolves-to-include-extortion
-
Undercover North Korean IT workers now steal data, extort employers
North Korean IT professionals who trick Western companies into hiring them are stealing data from the organization’s network and asking for a ransom t… First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/undercover-north-korean-it-workers-now-steal-data-extort-employers/
-
A new Linux variant of FASTCash malware targets financial systems
North Korea-linked actors deploy a new Linux variant of FASTCash malware to target financial systems, researcher HaxRob revealed. The cybersecurity re… First seen on securityaffairs.com Jump to article: securityaffairs.com/169860/malware/new-linux-variant-fastcash-malware-targets-financial-systems.html
-
Malicious ads exploited Internet Explorer zero day to drop malware
The North Korean hacking group ScarCruft launched a large-scale attack in May that leveraged an Internet Explorer zero-day flaw to infect targets with… First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/malicious-ads-exploited-internet-explorer-zero-day-to-drop-malware/
-
The latest in North Korea’s fake IT worker scheme: Extorting the employers
First seen on therecord.media Jump to article: therecord.media/north-korean-fake-it-workers-extorting-employers
-
How to spot a North Korean agent before they get comfy inside payroll
Tags: north-koreaFirst seen on theregister.com Jump to article: www.theregister.com/2024/09/24/mandiant_north_korea_workers/
-
New FASTCash malware Linux variant helps steal money from ATMs
North Korean hackers are using a new Linux variant of the FASTCash malware to infect the payment switch systems of financial institutions and perform … First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/new-fastcash-malware-linux-variant-helps-steal-money-from-atms/
-
North Korean Hackers Use New Backdoor And RAT For Attacks
As per recent reports, North Korean hackers have been observed using a new backdoor and remote access trojan as part of their attack campaign. VeilShe… First seen on securityboulevard.com Jump to article: securityboulevard.com/2024/10/north-korean-hackers-use-new-backdoor-and-rat-for-attacks/
-
IT-Worker: Verfassungsschutz warnt vor IT-Fachkräften aus Nordkorea
Bei der Suche nach freien IT-Fachkräften werden Unternehmen auch auf Freelancer-Plattformen fündig. Der Bundesverfassungsschutz fordert nun die Wirtsc… First seen on csoonline.com Jump to article: www.csoonline.com/de/a/verfassungsschutz-warnt-vor-it-fachkraeften-aus-nordkorea
-
North Korean Hackers Using New VeilShell Backdoor in Stealthy Cyber Attacks
Threat actors with ties to North Korea have been observed delivering a previously undocumented backdoor and remote access trojan (RAT) called VeilShel… First seen on thehackernews.com Jump to article: thehackernews.com/2024/10/north-korean-hackers-using-new.html
-
North Korean APT Group Kimsuky Exploits DMARC Misconfigurations for Sophisticated Phishing Attacks
Email security has long been a critical pillar in defending organizations against cyberattacks, but recent reports reveal that even widely trusted pro… First seen on securityonline.info Jump to article: securityonline.info/north-korean-apt-group-kimsuky-exploits-dmarc-misconfigurations-for-sophisticated-phishing-attacks/
-
North Korean Threat Actors Deploy Malware via Job-Seeking Scams
First seen on scworld.com Jump to article: www.scworld.com/brief/north-korean-threat-actors-deploy-malware-via-job-seeking-scams
-
Updated malware payloads deployed in new North Korean job seeking scams
First seen on scworld.com Jump to article: www.scworld.com/brief/updated-malware-payloads-deployed-in-new-north-korean-job-seeking-scams
-
Andariel Hacking Group Shifts Focus to Financial Attacks on U.S. Organizations
Three different organizations in the U.S. were targeted in August 2024 by a North Korean state-sponsored threat actor called Andariel as part of a lik… First seen on thehackernews.com Jump to article: thehackernews.com/2024/10/andariel-hacker-group-shifts-focus-to.html
-
Two updated malware strains used in North Korean fake recruiter scams
First seen on therecord.media Jump to article: therecord.media/updated-malware-strains-north-korea
-
North Korea’s ‘Stonefly’ APT Swarms US Private Co’s. for Profit
Despite a $10 million bounty on one member, APT45 is not slowing down, pivoting from intelligence gathering to extorting funds for Kim Jong-Un’s regim… First seen on darkreading.com Jump to article: www.darkreading.com/vulnerabilities-threats/stonefly-apt-us-private-cos-north-korean-profit
-
CIA Seeks Informants In North Korea, Iran, And China
First seen on packetstormsecurity.com Jump to article: packetstormsecurity.com/news/view/36427/CIA-Seeks-Informants-In-North-Korea-Iran-And-China.html
-
North Korean Stonefly Group Continues Attacks on US Targets
Symantec’s Threat Hunter Team reveals that Stonefly, a North Korean cyberespionage group, persists in targeting U.S. organizations despite recent indi… First seen on securityonline.info Jump to article: securityonline.info/north-korean-stonefly-group-continues-attacks-on-us-targets/
-
DOJ Wants to Claw Back $2.67 Million Stolen by Lazarus Group
The DOJ wants to seize $2.67 million from the $69 million in crypto the North Korean-backed Lazarus Group stole in from the options exchange Deribit i… First seen on securityboulevard.com Jump to article: securityboulevard.com/2024/10/doj-wants-to-claw-back-2-67-million-stolen-by-lazarus-group/
-
N. Korean Hackers Deploy New KLogEXE and FPSpy Malware in Targeted Attacks
Threat actors with ties to North Korea have been observed leveraging two new malware strains dubbed KLogEXE and FPSpy.The activity has been attributed… First seen on thehackernews.com Jump to article: thehackernews.com/2024/09/n-korean-hackers-deploy-new-klogexe-and.html
-
North Korea ‘Shrouded Sleep’ malware campaign targeting Cambodia, other Southeast Asian nations
First seen on therecord.media Jump to article: therecord.media/north-korea-malware-espionage-cambodia