North Korea Hackers Linked to Breach of German Missile Manufacturer

The targeting of Diehl Defence is significant because the company specializes in the production of missiles and ammunition.
The post North Korea Hackers Linked to Breach of German Missile Manufacturer appeared first on SecurityWeek.

US Says North Korean Hackers Exploiting Weak DMARC Settings 

The US government warns of a North Korean threat actor abusing weak email DMARC settings to hide spear-phishing attacks.
The post US Says North Korean Hackers Exploiting Weak DMARC Settings appeared first on SecurityWeek.

North Korean government hackers target individuals of interest, infosec professionals

The hacking unit is tasked with gathering strategic intelligence.

The post North Korean government hackers target individuals of interest, infosec professionals appeared first on CyberScoop.


North Korean Hackers Have Stolen Over $3 Billion in Cryptocurrency: Report

Recorded Future calculates that North Korean state-sponsored threat actors are believed to have stolen more than $3 billion in cryptocurrency.
The post North Korean Hackers Have Stolen Over $3 Billion in Cryptocurrency: Report appeared first on Securit…

U.S. government sanctions prolific North Korean cyber espionage unit

The veteran hacking crew has been at the heart of Pyongyang’s efforts to gather intelligence by breaching computer systems.

The post U.S. government sanctions prolific North Korean cyber espionage unit appeared first on CyberScoop.


Kimsuky’s GoldDragon cluster and its C2 operations

Kimsuky (also known as Thallium, Black Banshee and Velvet Chollima) is a prolific and active threat actor primarily targeting Korea-related entities. In early 2022, we observed this group was attacking the media and a think-tank in South Korea.

Previously unreported North Korean espionage part of busy 2021 for country’s hackers

A North Korean cyber espionage group known primarily for targeting think tanks, advocacy groups, journalists and others related to Pyongyang’s adversaries around the world has been quite prolific in 2021, according to email security firm Proofpoint. The stepped-up action includes launching near-weekly attacks, among them two previously unreported campaigns. In findings published Thursday, the firm examined the activities of a group it refers to as TA406, which it considers to be one of the components of an organization known more broadly as Kimsuky that’s been active since at least 2012. The U.S. government issued a public alert to the private sector in October 2020 about Kimsuky, warning of spearphishing, watering hole attacks and other methods designed to steal credentials. TA406 targets research, education, government, media and other organizations for credential theft, Proofpoint analysts Darien Huss and Selena Larson wrote. The group’s other activities involve financial crimes and sextortion, and an increased use […]

The post Previously unreported North Korean espionage part of busy 2021 for country’s hackers appeared first on CyberScoop.


Russian, North Korean hackers targeted COVID-19 vaccine researchers — and some attacks got through, Microsoft says

Three hacking groups connected to the Russian and North Korean governments targeted COVID-19 vaccine and treatment researchers across five nations in recent months, and some of their attacks were successful, Microsoft said Friday. The hackers went after seven prominent companies in Canada, France, India, South Korea and the United States, according to Microsoft. The hacking groups are the Russia-linked Fancy Bear, which Microsoft refers to as Strontium; the North Korea-connected organization Lazarus Group, which Microsoft calls Zinc; and a third North Korean group that Microsoft has not previously mentioned publicly, which it calls Cerium. Microsoft’s alert deepens the breadth of warnings from government agencies and cybersecurity companies: Hackers affiliated with some of the U.S.’s biggest adversaries in cyberspace are hard at work to hack others’ vaccine research. “Among the targets, the majority are vaccine makers that have Covid-19 vaccines in various stages of clinical trials,” Tom Burt, Microsoft’s corporate vice president for customer security and […]

The post Russian, North Korean hackers targeted COVID-19 vaccine researchers — and some attacks got through, Microsoft says appeared first on CyberScoop.


More suspected North Korean malware identified after US alert on Kimsuky hackers

Security researchers say they uncovered more tools associated with a North Korea-linked cyber-espionage group that was the subject of a U.S. government alert last week. The previously undocumented malware and server infrastructure appear to be the work of Kimsuky, an advanced persistent threat (APT) group, according to the researchers with Boston-based Cybereason. U.S. military and civilian agencies issued a joint warning about the APT on Oct. 27, saying the current threat was greatest for “commercial sector businesses,” although Kimsuky has often targeted government agencies, think tanks and other organizations connected to geopolitics. Organizations in the U.S., Europe, Japan, South Korea and Russia appear to be the targets, Cybereason says. Kimsuky also has a history of trying to gather intelligence about sanctions, nuclear policy and other issues salient to the Korean Peninsula. A U.N. Security Council report earlier this year said Kimsuky appeared to be behind hacking attempts against the international body. Kimsuky typically […]

The post More suspected North Korean malware identified after US alert on Kimsuky hackers appeared first on CyberScoop.
