North Korea

WTH? DPRK WFH Ransomware Redux: 3rd Person Charged
Richi Jennings | | Andrew M., DPRK, Korea, Korean military, Korean ransomware, Matthew Isaac Knoot, North Korea, North Korean Hacking, North Korean Threat Actors, northkorea, Noth Korea, SB Blogwatch
North Korean army of remote IT workers enabled by Matthew Isaac Knoot, alleges DoJ ...
Security Boulevard
Emulating the Politically Motivated North Korean Adversary Andariel – Part 2
Francis Guibernau | | adversary emulation, Agricultural, Andariel, Lazarus Group, manufacturing, North Korea, Operation Blacksmith, Professional Services
AttackIQ has released a new attack graph that emulates the behaviors exhibited by the North Korean state-sponsored adversary Andariel during Operation Blacksmith which affected manufacturing, agricultural and physical security companies in multiple ...
Response to CISA Advisory (AA24-207A): North Korea Cyber Group Conducts Global Espionage Campaign to Advance Regime’s Military and Nuclear Programs
Francis Guibernau | | adversary emulation, CISA Alert, Defense Industrial Base, Energy, North Korea, Professional Services, Resources & Utilities, transportation
AttackIQ has released a new assessment template in response to the CISA Advisory (AA24-207A) published on July 25, 2024, that highlights cyber espionage activity associated with the Democratic People’s Republic of Korea ...
Alert: Kimsuky Hacking Group Targets Human Rights Activists
Wajahat Raja | | Advanced persistent threat (APT), Cyber Attack Tactics, Cybersecurity, Cybersecurity News, Facebook Messenger, Human rights activists, Kimsuky hacking group, Malware, North Korea, social engineering, Social media-based attacks, spear-phishing
As per recent reports, a new social engineering attack attributed to the North Korea-linked Kimsuky hacking group is targeting human rights activists using fake Facebook accounts. This tactic, involving fictitious identities, marks ...

RedTail Malware Abuses Palo Alto Flaw in Latest Cryptomining Campaign
The group behind the RedTail malware is exploiting a new vulnerability in Palo Alto Networks' PAN-OS software to run a sophisticated cryptomining campaign that is likely backed by North Korea ...

North Korea IT Worker Scam Brings Malware and Funds Nukes
Richi Jennings | | DPRK, Korea, Korean military, Korean ransomware, North Korea, North Korean Hacking, North Korean Threat Actors, northkorea, Noth Korea, SB Blogwatch
WTH? DPRK IT WFH: Justice Department says N. Korean hackers are getting remote IT jobs, posing as Americans ...

South Korean iPhone Ban: MDM DMZ PDQ
Richi Jennings | | android, Apple, Apple iOS, Apple iPhone, bring your own device, byod, byod challenges, BYOD policy, BYOD Security, clandestine iPhone tracking, iPhone, iPhone and iPad, iphone security, Korea, Korean military, MDM, military, military grade security, Military Security, Mobile Device Management (MDM), North Korea, northkorea, Noth Korea, Operational military strategy, opsec, Samsung, Samsung Galaxy, SB Blogwatch, South Korea, southkorea
MDM Hindered: Android phones are still OK; this is Samsung’s home, after all ...
Konni RAT Malware Attack: Russian Govt. Software Backdoor
Wajahat Raja | | Cybersecurity, Cybersecurity News, DCSO, DPRK, Fortinet FortiGuard Labs, Konni RAT, malware attack, MID, Ministry of Foreign Affairs, North Korea, Opal Sleet, Osmium, Russian Consular Department, Russian government, software backdoor, TA406
In a recent revelation, German cybersecurity firm DCSO has uncovered the Konni RAT malware attack, which involves the deployment of a Remote Access Trojan. The attackers ingeniously exploited an installer for a ...

N. Korean Threat Groups Mixing Tactics to Evade Detection
Researchers with Google-owned Mandiant last month wrote about increasing collaboration among North Korea-supported threat groups as one indication of a larger evolution of the regime’s offensive cyber program. The half-dozen or so ...

UK, South Korea Warn of North Korea Supply-Chain Attacks
The cybersecurity agencies in the UK and South Korea are warning of the growing threat of North Korea-linked threat groups using zero-day and third-party exploits to launch software supply-chain attacks. The hackers ...