North Korea

North Korean Hackers Steal $1.5B in Cryptocurrency

| | cryptocurrency, Hacking, North Korea, theft, Uncategorized
It looks like a very sophisticated attack against the Dubai-based exchange Bybit: Bybit officials disclosed the theft of more than 400,000 ethereum and staked ethereum coins just hours after it occurred. The ...
Schneier on Security
cryptocurrency ransomware DOJ seize Lazarus

North Korean Hackers Stole $1.34 Billion in Crypto in 2024

| | cryptocurrency, IT worker scam, North Korea
North Korean hackers stole $1.34 billion in cryptocurrency in 2024, more than half of the $2.2 billion stolen in all crypto hacks, and the attacks by threat groups linked to the rogue ...
Security Boulevard
North Korea

WTH? DPRK WFH Ransomware Redux: 3rd Person Charged

| | Andrew M., DPRK, Korea, Korean military, Korean ransomware, Matthew Isaac Knoot, North Korea, North Korean Hacking, North Korean Threat Actors, northkorea, Noth Korea, SB Blogwatch
North Korean army of remote IT workers enabled by Matthew Isaac Knoot, alleges DoJ ...
Security Boulevard

Emulating the Politically Motivated North Korean Adversary Andariel – Part 2

| | adversary emulation, Agricultural, Andariel, Lazarus Group, manufacturing, North Korea, Operation Blacksmith, Professional Services
AttackIQ has released a new attack graph that emulates the behaviors exhibited by the North Korean state-sponsored adversary Andariel during Operation Blacksmith which affected manufacturing, agricultural and physical security companies in multiple ...
AttackIQ

Response to CISA Advisory (AA24-207A): North Korea Cyber Group Conducts Global Espionage Campaign to Advance Regime’s Military and Nuclear Programs

| | adversary emulation, CISA Alert, Defense Industrial Base, Energy, North Korea, Professional Services, Resources & Utilities, transportation
AttackIQ has released a new assessment template in response to the CISA Advisory (AA24-207A) published on July 25, 2024, that highlights cyber espionage activity associated with the Democratic People’s Republic of Korea ...
AttackIQ

Alert: Kimsuky Hacking Group Targets Human Rights Activists

| | Advanced persistent threat (APT), Cyber Attack Tactics, Cybersecurity, Cybersecurity News, Facebook Messenger, Human rights activists, Kimsuky hacking group, Malware, North Korea, social engineering, Social media-based attacks, spear-phishing
As per recent reports a new social engineering attack attributed to the North Korea-linked Kimsuky hacking group is targeting human rights activists using fake Facebook accounts. This tactic, involving fictitious identities, marks ...
TuxCare
Top Target for Cryptomining

RedTail Malware Abuses Palo Alto Flaw in Latest Cryptomining Campaign

| | cryptomining, Malware, North Korea, Palo Alto Firewalls
The group behind the RedTail malware is exploiting a new vulnerability in Palo Alto Network's PAN-OS software to run a sophisticated cryptomining campaign that is likely backed by North Korea ...
Security Boulevard
Some happy, smiling DPRK military men

North Korea IT Worker Scam Brings Malware and Funds Nukes

| | DPRK, Korea, Korean military, Korean ransomware, North Korea, North Korean Hacking, North Korean Threat Actors, northkorea, Noth Korea, SB Blogwatch
WTH? DPRK IT WFH: Justice Department says N. Korean hackers are getting remote IT jobs, posing as Americans ...
Security Boulevard
Three South Korean soldiers stand guard at the DMZ between North and South Korea

South Korean iPhone Ban: MDM DMZ PDQ

| | android, Apple, Apple iOS, Apple iPhone, bring your own device, byod, byod challenges, BYOD policy, BYOD Security, clandestine iPhone tracking, iPhone, iPhone and iPad, iphone security, Korea, Korean military, MDM, military, military grade security, Military Security, Mobile Device Management (MDM), North Korea, northkorea, Noth Korea, Operational military strategy, opsec, Samsung, Samsung Galaxy, SB Blogwatch, South Korea, southkorea
MDM Hindered: Android phones are still OK; this is Samsung’s home, after all ...
Security Boulevard

Konni RAT Malware Attack: Russian Govt. Software Backdoor

| | Cybersecurity, Cybersecurity News, DCSO, DPRK, Fortinet FortiGuard Labs, Konni RAT, malware attack, MID, Ministry of Foreign Affairs, North Korea, Opal Sleet, Osmium, Russian Consular Department, Russian government, software backdoor, TA406
In a recent revelation, German cybersecurity firm DCSO has uncovered the Konni RAT malware attack, which involves the deployment of a Remote Access Trojan. The attackers ingeniously exploited an installer for a ...
TuxCare
Load more