Private US companies targeted by Stonefly APT

Undeterred by the indictment issued against one of its alleged members, North Korean APT group Stonefly (aka APT45) continues to target companies in the US, Symantec threat analysts warned. About Stonefly Also known as Andariel and OnyxFleet, Stonefly … Continue reading Private US companies targeted by Stonefly APT

North Korea Hackers Linked to Breach of German Missile Manufacturer

The targeting of Diehl Defence is significant because the company specializes in the production of missiles and ammunition.
The post North Korea Hackers Linked to Breach of German Missile Manufacturer appeared first on SecurityWeek.
Continue reading North Korea Hackers Linked to Breach of German Missile Manufacturer

Mandiant Offers Clues to Spotting and Stopping North Korean Fake IT Workers

Mandiant shines the spotlight on the growing infiltration of US and Western companies by North Korean fake IT workers.
The post Mandiant Offers Clues to Spotting and Stopping North Korean Fake IT Workers appeared first on SecurityWeek.
Continue reading Mandiant Offers Clues to Spotting and Stopping North Korean Fake IT Workers

North Korean Hackers Lure Critical Infrastructure Employees With Fake Jobs

A North Korean group tracked as UNC2970 has been spotted trying to deliver new malware to people in the aerospace and energy industries.
The post North Korean Hackers Lure Critical Infrastructure Employees With Fake Jobs appeared first on SecurityWeek.
Continue reading North Korean Hackers Lure Critical Infrastructure Employees With Fake Jobs

Python Developers Targeted with Malware During Fake Job Interviews

Interesting social engineering attack: luring potential job applicants with fake recruiting pitches, trying to convince them to download malware. From a news article

These particular attacks from North Korean state-funded hacking team Lazarus Group are new, but the overall malware campaign against the Python development community has been running since at least August of 2023, when a number of popular open source Python tools were maliciously duplicated with added malware. Now, though, there are also attacks involving “coding tests” that only exist to get the end user to install hidden malware on their system (cleverly hidden with Base64 encoding) that allows remote execution once present. The capacity for exploitation at that point is pretty much unlimited, due to the flexibility of Python and how it interacts with the underlying OS…

Continue reading Python Developers Targeted with Malware During Fake Job Interviews

Python Developers Targeted with Malware During Fake Job Interviews

Interesting social engineering attack: luring potential job applicants with fake recruiting pitches, trying to convince them to download malware. From a news article

These particular attacks from North Korean state-funded hacking team Lazarus Group are new, but the overall malware campaign against the Python development community has been running since at least August of 2023, when a number of popular open source Python tools were maliciously duplicated with added malware. Now, though, there are also attacks involving “coding tests” that only exist to get the end user to install hidden malware on their system (cleverly hidden with Base64 encoding) that allows remote execution once present. The capacity for exploitation at that point is pretty much unlimited, due to the flexibility of Python and how it interacts with the underlying OS…

Continue reading Python Developers Targeted with Malware During Fake Job Interviews

Cyber Command leader says budget powers are shaving time to complete tasks that once took years

One example, said Gen. Timothy Haugh, was moving $140 million swiftly for training improvements.

The post Cyber Command leader says budget powers are shaving time to complete tasks that once took years appeared first on CyberScoop.

Continue reading Cyber Command leader says budget powers are shaving time to complete tasks that once took years