Dream Job, or Is It?

In the summer of 2020, ClearSky, a venture capital and growth equity firm investing in innovative companies in the cybersecurity and sustainable energy sectors, investigated a campaign dubbed "Dream Job," highly ...

US Sanctions Sinbad Mixer: Disrupting Threats Unveiled

The U.S. Treasury Department recently took a significant step in the ongoing battle against cybercrime by imposing sanctions on Sinbad. It’s a virtual currency mixer utilized by the North Korea-linked Lazarus Group ...

Lazarus Group Exploits Log4j Flaw in New Malware Campaign

The notorious North Korea-backed Lazarus Group continues to change up its tactics to evade detection, with a new campaign featuring the exploitation of the Log4j critical vulnerability and three new malware families ...
Security Boulevard

N. Korean Threat Groups Mixing Tactics to Evade Detection

Researchers with Google-owned Mandiant last month wrote about increasing collaboration among North Korea-supported threat groups as one indication of a larger evolution of the regime’s offensive cyber program. The half-dozen or so ...
Security Boulevard

Protect Your Servers: JetBrains TeamCity Flaw Alert

In recent news, Microsoft has issued a warning about a JetBrains TeamCity flaw being exploited by North Korean threat actors. These attacks, linked to the infamous Lazarus Group, pose a significant risk ...

Founders of Crypto Mixer Tornado Cash Indicted for Laundering $1 Billion

The U.S. government is taking a big swing at two founders of the Tornado Cash cryptocurrency mixer that allegedly laundered more than $1 billion in criminal proceeds from cyberthreat actors that include ...
Security Boulevard

GitHub Developers Targeted by North Korea’s Lazarus Group

The Lazarus Group is behind a social engineering campaign that uses repository invitations and malicious npm packages to target developers on GitHub ...
Security Boulevard

Lazarus Assault Via 3CX Exposes Need to Rethink Security

When North Korean threat actors the Lazarus Group exploited a legitimate update to the 3CXDesktopApp—a softphone application from 3CX—security professionals didn’t initially pick up on the import of the activity and tactics ...
Security Boulevard

Warning: N. Korean Job Scams Push Trojans via LinkedIn

Hey, hey, DPRK, how many people will you scam today? ...
Security Boulevard

U.S. Indicts North Korean Hackers in Theft of $200 Million

The U.S. Justice Department today unsealed indictments against three men accused of working with the North Korean regime to carry out some of the most damaging cybercrime attacks over the past decade, ...