Lazarus Assault Via 3CX Exposes Need to Rethink Security

When North Korean threat actors the Lazarus Group exploited a legitimate update to the 3CXDesktopApp—a softphone application from 3CX—security professionals didn’t initially pick up on the import of the activity and tactics ...
Security Boulevard

Mitigating the North Korean Cybersecurity Threat

Cybersecurity firm Kaspersky recently published an analysis that detailed how a North Korean threat actor, which it called the BlueNoroff group, is stealing cryptocurrency by bypassing the “Mark of the Web” flag ...
Security Boulevard
Warning: N. Korean Job Scams Push Trojans via LinkedIn

Hey, hey, DPRK, how many people will you scam today? ...
Security Boulevard

Chrome Zero-Day from North Korea

North Korean hackers have been exploiting a zero-day in Chrome. The flaw, tracked as CVE-2022-0609, was exploited by two separate North Korean hacking groups. Both groups deployed the same exploit kit on ...
Graphics Card Web Tracking, Fake Job Ad Scams, Hacker Takes Down North Korea’s Internet

Researchers have discovered a new web tracking technique using your graphics card, scammers are exploiting security weaknesses on job recruitment websites to post fraudulent job postings, and how a hacker single-handedly took ...
US Hacker ‘P4x’ Gets Back at Pyongyang (but We Smell a Rat)

An infosec researcher was hacked by North Korea. U.S. law enforcement did nothing, so he took matters into his own hands ...
Security Boulevard

Cybercriminals: Frenemies China, Russia, North Korea

The age-old adage that “Criminals crime” is proving true when it comes to the transnational cybercriminals at play. The cybercriminals associated with the forum RAMP (Russian) have reached out to China’s cybercriminals ...
Security Boulevard

Nation-State Cyberthreats Persist

We are often told how particular threats were the responsibility of a certain nation-state, and that there was a difference between those nations and cybercriminals. While it made good copy, the cybersecurity domain ...
Security Boulevard
Cybersecurity Researchers Targeted, Three iOS Zero-Days, Google FLoC

In episode 158: Cybersecurity researchers targeted by North Korean hackers, Apple patches three iOS zero-day exploits, and details on Google’s Federated Learning of Cohorts (FLoC) which may one day replace third-party cookie ...

How to Protect Your Business From Multi-Platform Malware Systems

The Lazarus Group (also known as Guardians of Peace or Whois) is a notorious cybercrime gang made up of unknown individuals. According to the United States Federal Bureau of Investigation, the group ...