Dyn Research discovered traffic coming from North Korea running over the Russian TransTeleCom network, this is the second internet route of the regime. North Korea gets a second Internet connection thanks to the support of a state-owned Russian firm. From the perspective of security analysts, this second connection will improve in a significant way the cyber […]
The North Korea-linked Lazarus APT group as Lazarus is believed to be behind attacks targeting United States defense contractors. According to Palo Alto Networks, the North Korea-linked Lazarus APT group as Lazarus is believed to be behind attacks targeting United States defense contractors. The activity of the Lazarus APT Group surged in 2014 and 2015, […]
Experts at Cylance noticed that the decoy document used in KONNI attacks is similar to the one used in recent campaigns of the DarkHotel APT. In May, Cisco Talos team discovered a RAT dubbed KONNI malware that targets organizations linked to North Korea. The malware, dubbed by researchers âKONNI,â was undetected for more than 3 years and was used […]
The United States Computer Emergency Readiness Team (US-CERT) issued a technical alert about the activity of the North Koreaâs ‘Hidden Cobra’ APT group. The joint Technical Alert (TA) report is the result of the efforts between of the Department of Homeland Security (DHS) and the Federal Bureau of Investigation (FBI). The US Government has tracked […]
Moscow-based threat intelligence firm Group-IB published a report that details evidence linking the Lazarus APT Group to North Korea. Researchers at security firm Group-IB released a report that links the notorious Lazarus APTÂ to North Korea. The activity of the Lazarus Group surged in 2014 and 2015, its members used mostly custom-tailored malware in their attacks […]
In the IT security community several experts start linking the WannaCry ransomware to the Lazarus Group due to similarities in the attack codes. The security researcher at Google Neel Mehta published a mysterious tweet using the #WannaCryptAttribution hashtag. What did he mean? 9c7c7149387a1c79679a87dd1ba755bc @ 0x402560, 0x40F598ac21c8ad899727137c4b94458d7aa8d8 @ 0x10004ba0, 0x10012AA4#WannaCryptAttribution — Neel Mehta (@neelmehta) May 15, 2017 According […]
Cisco Talos team discovered a RAT dubbed KONNI malware that target organizations linked to North Korea. Here you are an analysis of its evolution. Security researchers at Cisco Talos team have discovered a remote access Trojan (RAT) that target organizations linked to North Korea. The malware, dubbed by researchers âKONNI,â was undetected for more than 3 years and […]
US federal prosecutors speculate the involvement of North Korea in the cyber heist of $81 million from Bangladesh’s account at the New York Federal Reserve Bank. The news was reported by The Wall Street Journal, prosecutors suspect the involvement of Chinese middlemen who helped the Government of Pyongyang to organize the cyber theft. In February 2016, unknown hackers transferred […]
South Korea is once against under attack, alleged nation-state hackers have launched a sophisticated cyber espionage campaign on organizations in the public sector. According to the experts at Cisco Talos, the cyber espionage campaign was active between November 2016 and January 2017 and leveraged on vulnerabilities in a Korean language word processing program (Hangul Word […]
A mistake allowed us a peek into the North Korea Internet infrastructure, a security researcher discovered that Pyongyang has just 28 websites. The North Korea is one of the countries that most of all is investing to improve its cyber capabilities and that has one of the largest cyber armies. But North Korea is also known for […]