Hot Topics

Lazarus Group

GitHub satellite cyberattack Strontium cyberwarfare counter-drone The Legality of Waging War in Cyberspace

GitHub Developers Targeted by North Korea’s Lazarus Group

| | Cybersecurity, GitHub, Lazarus Group, npm, supply chain
The Lazarus Group is behind a social engineering campaign that uses repository invitations and malicious npm packages to target developers on GitHub ...
Security Boulevard
OSINT, Lazarus updates firmware open source Log4j OpenSSF API security dynamic code application

Lazarus Assault Via 3CX Exposes Need to Rethink Security

| | 3CX, Lazarus Group, North Korea, Software Security, supply chain attack, updates
When North Korean threat actors the Lazarus Group exploited a legitimate update to the 3CXDesktopApp—a softphone application from 3CX—security professionals didn’t initially pick up on the import of the activity and tactics ...
Security Boulevard
Warning: N. Korean Job Scams Push Trojans via LinkedIn

Warning: N. Korean Job Scams Push Trojans via LinkedIn

| | APT38, DPRK, Job interviewers can learn from this, Kim Jong-un, Lazarus, Lazarus Group, linkedin, North Korea, SB Blogwatch, ZINC
Hey, hey, DPRK, how many people will you scam today? ...
Security Boulevard
U.S. Indicts North Korean Hackers in Theft of $200 Million

U.S. Indicts North Korean Hackers in Theft of $200 Million

| | AppleJeus, APT 38, Cybersecurity and Infrastructure Agency, Department of Homeland Security, FBI, Ghaleb Alaumary, hidden cobra, Jon Chang Hyok, Kim Il, Lazarus Group, Marine Chain Token, Ne'er-Do-Well News, Park Jin Hyok, Sony Pictures, WannaCry
The U.S. Justice Department today unsealed indictments against three men accused of working with the North Korean regime to carry out some of the most damaging cybercrime attacks over the past decade, ...
Krebs on Security
Ransomware Victims That Pay Up Could Incur Steep Fines from Uncle Sam

Ransomware Victims That Pay Up Could Incur Steep Fines from Uncle Sam

| | Cryptolocker, Eversheds Sutherland, Evgeniy Mikhailovich Bogachev, Evil Corp., Ginger Faulk, Lazarus Group, Office of Foreign Assets Control, Ransomware, samsam ransomware, Treasury Department
Companies victimized by ransomware and firms that facilitate negotiations with ransomware extortionists could face steep fines from the U.S. federal government if the crooks who profit from the attack are already under ...
Krebs on Security
Lazarus Group May Have Hacked Indian Nuclear Power Plant

Lazarus Group May Have Hacked Indian Nuclear Power Plant

| | Hacking, Industry News, Lazarus Group, North Korea, nuclear plant
Authorities from the Nuclear Power Corporation of India Limited (NPCIL) have admitted that malware, believed to originate from the Lazarus Group, infected the administrative network of the Kudankulam Nuclear Power Plant. Initial ...
HOTforSecurity
Jackson County pays ransomware operators $400k to regain access to computers

Jackson County pays ransomware operators $400k to regain access to computers

| | APT, Georgia, Industry News, jackson county, Lazarus, Lazarus Group, North Korea, Ryuk
Officials in Jackson County, a rural area in the southeastern US state of Georgia, were forced over the weekend to pay hackers almost half a million dollars after a ransomware attack brought ...
HOTforSecurity
generative AI network, attack, organizations HEAT attack ransomware threats cyberattacks virtual appliances

North Korean Lazarus Group Starts Targeting Russian Organizations

| | cyberespionage, decryption tool, decryptor, gandcrab, hidden cobra, KEYMARBLE, Lazarus Group, North Korea, Ransomware, remote access tool
In an unusual move, the Lazarus hacking group associated with the North Korean government has recently started targeting organizations from Russia. The group’s primary targets until now have been organizations from countries ...
Security Boulevard
Windows VCF Zero-Day Exploit Allows Remote Code Execution

Windows VCF Zero-Day Exploit Allows Remote Code Execution

| | interbank network, Lazarus Group, Malware, North Korea, PowerRatankba, Redbanc, Remote Code Execution, social engineering, vCard, VCF, Windows vulnerability, Zero-day Exploit
A new unpatched vulnerability in Windows has been disclosed along with proof-of-concept exploit code. It could allow hackers to more easily install malware on computers, but it requires user interaction. The vulnerability ...
Security Boulevard
Cloud Hosting Provider DataResolution.net Battling Christmas Eve Ransomware Attack

Cloud Hosting Provider DataResolution.net Battling Christmas Eve Ransomware Attack

| | Checkpoint, Data breaches, Data Resolution breach, Lazarus Group, Los Angeles Times, Ryuk Ransomware, San Diego Union Tribune
Cloud hosting provider Dataresolution.net is struggling to bring its systems back online after suffering a ransomware infestation on Christmas Eve, KrebsOnSecurity has learned. The company says its systems were hit by the ...
Krebs on Security
Load more