Collaborate Disseminate
North Korean hackers are infiltrating Western companies using fraudulent IT workers to steal sensitive data and extort ransom.… Continue reading Fake North Korean IT Workers Infiltrate Western Firms, Demand Ransom
SecureWorks has released research that dives into the tell-tale behaviors behind remote employees that may be working on behalf of North Korea.
The post Pyongyang on the payroll? Signs that your company has hired a North Korean IT worker appeared first on CyberScoop.
North Korean hackers target Linux-based payment switches with new FASTCash malware, enabling ATM cashouts. Secure your financial infrastructure… Continue reading North Korean Hackers Deploy Linux FASTCash Malware for ATM Cashouts
Undeterred by the indictment issued against one of its alleged members, North Korean APT group Stonefly (aka APT45) continues to target companies in the US, Symantec threat analysts warned. About Stonefly Also known as Andariel and OnyxFleet, Stonefly … Continue reading Private US companies targeted by Stonefly APT
The targeting of Diehl Defence is significant because the company specializes in the production of missiles and ammunition.
The post North Korea Hackers Linked to Breach of German Missile Manufacturer appeared first on SecurityWeek.
Continue reading North Korea Hackers Linked to Breach of German Missile Manufacturer
Mandiant shines the spotlight on the growing infiltration of US and Western companies by North Korean fake IT workers.
The post Mandiant Offers Clues to Spotting and Stopping North Korean Fake IT Workers appeared first on SecurityWeek.
Continue reading Mandiant Offers Clues to Spotting and Stopping North Korean Fake IT Workers
A North Korean group tracked as UNC2970 has been spotted trying to deliver new malware to people in the aerospace and energy industries.
The post North Korean Hackers Lure Critical Infrastructure Employees With Fake Jobs appeared first on SecurityWeek.
Continue reading North Korean Hackers Lure Critical Infrastructure Employees With Fake Jobs
Interesting social engineering attack: luring potential job applicants with fake recruiting pitches, trying to convince them to download malware. From a news article
These particular attacks from North Korean state-funded hacking team Lazarus Group are new, but the overall malware campaign against the Python development community has been running since at least August of 2023, when a number of popular open source Python tools were maliciously duplicated with added malware. Now, though, there are also attacks involving “coding tests” that only exist to get the end user to install hidden malware on their system (cleverly hidden with Base64 encoding) that allows remote execution once present. The capacity for exploitation at that point is pretty much unlimited, due to the flexibility of Python and how it interacts with the underlying OS…
Continue reading Python Developers Targeted with Malware During Fake Job Interviews
Interesting social engineering attack: luring potential job applicants with fake recruiting pitches, trying to convince them to download malware. From a news article
These particular attacks from North Korean state-funded hacking team Lazarus Group are new, but the overall malware campaign against the Python development community has been running since at least August of 2023, when a number of popular open source Python tools were maliciously duplicated with added malware. Now, though, there are also attacks involving “coding tests” that only exist to get the end user to install hidden malware on their system (cleverly hidden with Base64 encoding) that allows remote execution once present. The capacity for exploitation at that point is pretty much unlimited, due to the flexibility of Python and how it interacts with the underlying OS…
Continue reading Python Developers Targeted with Malware During Fake Job Interviews
According to Microsoft researchers, North Korean hackers have been using a Chrome zero-day exploit to steal cryptocurrency.
Continue reading New Chrome Zero-Day