Tag: north-korea
-
Palo Alto Networks Releases Fixes for Firewall Zero-Day as First Attribution Attempts Emerge
Palo Alto Networks has started releasing hotfixes for the firewall zero-day CVE-2024-3400, which some have linked to North Korea’s Lazarus. The post … First seen on securityweek.com Jump to article: www.securityweek.com/palo-alto-networks-releases-fixes-for-firewall-zero-day-as-first-attribution-attempts-emerge/
-
N. Korea-linked Kimsuky Shifts to Compiled HTML Help Files in Ongoing Cyberattacks
The North Korea-linked threat actor known as Kimsuky (aka Black Banshee, Emerald Sleet, or Springtail) has been observed shifting its tactics, leverag… First seen on thehackernews.com Jump to article: thehackernews.com/2024/03/n-korea-linked-kimsuky-shifts-to.html
-
It’s 2024 And North Korea’s Kimsuky Gang Is Exploiting Windows Help Files
First seen on packetstormsecurity.com Jump to article: packetstormsecurity.com/news/view/35682/Its-2024-And-North-Koreas-Kimsuky-Gang-Is-Exploiting-Windows-Help-Files.html
-
UN’s North Korean crypto heist investigation underway
First seen on scmagazine.com Jump to article: www.scmagazine.com/brief/uns-north-korean-crypto-heist-investigation-underway
-
North Korea-Linked Group Levels Multistage Cyberattack on South Korea
Kimsuky-attributed campaign uses eight steps to compromise systems ” from initial execution to downloading additional code from Dropbox, and executing… First seen on darkreading.com Jump to article: www.darkreading.com/vulnerabilities-threats/north-korea-linked-group-level-multistage-cyberattack-on-south-korea
-
North Korea’s Kimsuky Group Equipped to Exploit Windows Help files
Cybersecurity experts have uncovered a sophisticated cyber espionage campaign orchestrated by the North Korean threat actor group Kimsuky, Black Bansh… First seen on gbhackers.com Jump to article: gbhackers.com/kimsuky-group-exploit-windows-help-files/
-
Cryptohack Roundup: Ray Eviscerates Bankman-Fried
Also: CryptoFX Ponzi Scheme, North Korean Hackers Gonna Hack. This week, FTX emergency CEO John Ray filleted previous CEO Sam Bankman-Fried, the SEC c… First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/cryptohack-roundup-ray-eviscerates-bankman-fried-a-24682
-
North Koreas Kimsuky Group Equipped to Exploit Windows Help files
Cybersecurity experts have uncovered a sophisticated cyber espionage campaign orchestrated by the North Korean threat actor group Kimsuky, Black Bansh… First seen on gbhackers.com Jump to article: gbhackers.com/kimsuky-group-exploit-windows-help-files/
-
Its 2024 And North Koreas Kimsuky Gang Is Exploiting Windows Help Files
First seen on packetstormsecurity.com Jump to article: packetstormsecurity.com/news/view/35682/Its-2024-And-North-Koreas-Kimsuky-Gang-Is-Exploiting-Windows-Help-Files.html
-
Lazarus APT group returned to Tornado Cash to launder stolen funds
North Korea-linked Lazarus APT group allegedly using again the mixer platform Tornado Cash to launder $23 million. North Korea-linked Lazarus APT gro… First seen on securityaffairs.com Jump to article: securityaffairs.com/160525/breaking-news/lazarus-apt-returned-tornado-cash.html
-
Japan Blames North Korea for PyPI Supply Chain Cyberattack
First seen on darkreading.com Jump to article: www.darkreading.com/application-security/japan-blames-north-korea-for-pypi-supply-chain-cyberattack
-
North Korea Hits ScreenConnect Bugs to Drop ‘ToddleShark’ Malware
North Korea’s latest espionage tool is tough to pin down, with random generators that throw detection mechanisms off its scent. The DPRK is using the … First seen on darkreading.com Jump to article: www.darkreading.com/remote-workforce/north-korea-screenconnect-bugs-toddleshark-malware
-
Hackers Exploit ConnectWise ScreenConnect Flaws to Deploy TODDLERSHARK Malware
North Korean threat actors have exploited the recently disclosed security flaws in ConnectWise ScreenConnect to deploy a new malware called;TODDLERSHA… First seen on thehackernews.com Jump to article: thehackernews.com/2024/03/hackers-exploit-connectwise.html
-
ScreenConnect flaws exploited to drop new ToddlerShark malware
The North Korean APT hacking group Kimsuky is exploiting ScreenConnect flaws, particularly CVE-2024-1708 and CVE-2024-1709, to infect targets with a n… First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/screenconnect-flaws-exploited-to-drop-new-toddlershark-malware/
-
Seoul Spies Say North Korea Hackers Stole Semiconductor Secrets
The DPRK is using cyberattacks to steal designs and other data from South Korean microchip manufacturers, according to Seoul’s National Intelligence S… First seen on darkreading.com Jump to article: www.darkreading.com/cyberattacks-data-breaches/seoul-spies-say-north-korea-hackers-stole-semiconductor-secrets
-
ScreenConnect flaws exploited to drop new ToddleShark malware
The North Korean APT hacking group Kimsuky is exploiting ScreenConnect flaws, particularly CVE-2024-1708 and CVE-2024-1709, to infect targets with a n… First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/screenconnect-flaws-exploited-to-drop-new-toddleshark-malware/
-
North Korean Hackers Targeting Developers with Malicious npm Packages
A set of fake npm packages discovered on the Node.js repository has been found to share ties with North Korean state-sponsored actors, new findings fr… First seen on thehackernews.com Jump to article: thehackernews.com/2024/02/north-korean-hackers-targeting.html
-
Lazarus Exploits Typos to Sneak PyPI Malware into Dev Systems
The notorious North Korean state-backed hacking group Lazarus uploaded four packages to the Python Package Index (PyPI) repository with the goal of in… First seen on thehackernews.com Jump to article: thehackernews.com/2024/02/lazarus-exploits-typos-to-sneak-pypi.html
-
North Korea hacks two South Korean chip firms to steal engineering data
The National Intelligence Service (NIS) in South Korea warns that North Korean hackers target domestic semiconductor manufacturers in cyber espionage … First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/north-korea-hacks-two-south-korean-chip-firms-to-steal-engineering-data/
-
Microsoft Zero-Day Used by Lazarus in Rootkit Attack
North Korean state actors Lazarus Group used a Windows AppLocker zero-day, along with a new and improved rootkit, in a recent cyberattack, researchers… First seen on darkreading.com Jump to article: www.darkreading.com/vulnerabilities-threats/microsoft-zero-day-used-by-lazarus-in-rootkit-attack
-
Microsoft Zero Day Used by Lazarus in Rootkit Attack
North Korean state actors Lazarus Group used a Windows AppLocker zero day, along with a new and improved rootkit, in a recent cyberattack, researchers… First seen on darkreading.com Jump to article: www.darkreading.com/vulnerabilities-threats/microsoft-zero-day-used-by-lazarus-in-rootkit-attack
-
Windows Zero Day Exploited By North Korean Hackers In Rootkit Attack
First seen on packetstormsecurity.com Jump to article: packetstormsecurity.com/news/view/35596/Windows-Zero-Day-Exploited-By-North-Korean-Hackers-In-Rootkit-Attack.html
-
Lazarus hackers exploited Windows zero-day to gain Kernel privileges
North Korean threat actors known as the Lazarus Group exploited a flaw in the Windows AppLocker driver (appid.sys) as a zero-day to gain kernel-level … First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/lazarus-hackers-exploited-windows-zero-day-to-gain-kernel-privileges/
-
Japan warns of malicious PyPi packages created by North Korean hackers
Tags: computer, group, hacker, hacking, incident response, lazarus, malicious, north-korea, pypi, security-incidentJapan’s Computer Security Incident Response Team (JPCERT/CC) is warning that the notorious North Korean hacking group Lazarus has uploaded four malici… First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/japan-warns-of-malicious-pypi-packages-created-by-north-korean-hackers/
-
Lovers’ Spat? North Korea Backdoors Russian Foreign Affairs Ministry
First Brad and Jennifer, now Kim and Putin? Romance truly is dead, as North Korea is caught spying (again) on its partner to the north with the Konni … First seen on darkreading.com Jump to article: www.darkreading.com/cyberattacks-data-breaches/north-korea-backdoors-russian-foreign-affairs-ministry
-
North Korean hackers linked to defense sector supply-chain attack
Tags: advisory, attack, cyber, defense, germany, hacker, intelligence, korea, north-korea, service, supply-chainIn an advisory today Germany’s federal intelligence agency (BfV) and South Korea’s National Intelligence Service (NIS) warn of an ongoing cyber-espion… First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/north-korean-hackers-linked-to-defense-sector-supply-chain-attack/
-
Verfassungsschutz und Südkorea warnen: Nordkorea attackiert Rüstungsunternehmen
First seen on heise.de Jump to article: heise.de/news/Verfassungsschutz-und-Suedkorea-warnen-Nordkorea-attackiert-Ruestungsunternehmen-9632155.html
-
North Korean hackers now launder stolen crypto via YoMix tumbler
The North Korean hacker collective Lazarus, infamous for having carried out numerous large-scale cryptocurrency heists over the years, has switched to… First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/north-korean-hackers-now-launder-stolen-crypto-via-yomix-tumbler/
-
OpenAI blocks state-sponsored hackers from using ChatGPT
OpenAI has removed accounts used by state-sponsored threat groups from Iran, North Korea, China, and Russia, that were abusing its artificial intellig… First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/openai-blocks-state-sponsored-hackers-from-using-chatgpt/
-
KI für Cyberattacken: ChatGPT sperrt regierungsnahe Hacker aus
Regierungsnahe Hacker aus China, Iran, Nordkorea und Russland haben als Kunden Technologie hinter dem Chatbot ChatGPT genutzt, um ihre Angriffe zu ver… First seen on csoonline.com Jump to article: www.csoonline.com/de/a/chatgpt-sperrt-regierungsnahe-hacker-aus