Pierluigi Paganini
October 05, 2017
Dyn Research discovered traffic coming from North Korea running over the Russian TransTeleCom network, this is the second internet route of the regime. North Korea gets a second Internet connection thanks to the support of a state-owned Russian firm. From the perspective of security analysts, this second connection will improve in a significant way the cyber […]
Pierluigi Paganini
August 14, 2017
The North Korea-linked Lazarus APT group as Lazarus is believed to be behind attacks targeting United States defense contractors. According to Palo Alto Networks, the North Korea-linked Lazarus APT group as Lazarus is believed to be behind attacks targeting United States defense contractors. The activity of the Lazarus APT Group surged in 2014 and 2015, […]
Pierluigi Paganini
August 10, 2017
Experts at Cylance noticed that the decoy document used in KONNI attacks is similar to the one used in recent campaigns of the DarkHotel APT. In May, Cisco Talos team discovered a RAT dubbed KONNI malware that targets organizations linked to North Korea. The malware, dubbed by researchers “KONNI,” was undetected for more than 3 years and was used […]
Pierluigi Paganini
June 14, 2017
The United States Computer Emergency Readiness Team (US-CERT) issued a technical alert about the activity of the North Korea’s ‘Hidden Cobra’ APT group. The joint Technical Alert (TA) report is the result of the efforts between of the Department of Homeland Security (DHS) and the Federal Bureau of Investigation (FBI). The US Government has tracked […]
Pierluigi Paganini
May 31, 2017
Moscow-based threat intelligence firm Group-IB published a report that details evidence linking the Lazarus APT Group to North Korea. Researchers at security firm Group-IB released a report that links the notorious Lazarus APT to North Korea. The activity of the Lazarus Group surged in 2014 and 2015, its members used mostly custom-tailored malware in their attacks […]
Pierluigi Paganini
May 16, 2017
In the IT security community several experts start linking the WannaCry ransomware to the Lazarus Group due to similarities in the attack codes. The security researcher at Google Neel Mehta published a mysterious tweet using the #WannaCryptAttribution hashtag. What did he mean? 9c7c7149387a1c79679a87dd1ba755bc @ 0x402560, 0x40F598ac21c8ad899727137c4b94458d7aa8d8 @ 0x10004ba0, 0x10012AA4#WannaCryptAttribution — Neel Mehta (@neelmehta) May 15, 2017 According […]
Pierluigi Paganini
May 05, 2017
Cisco Talos team discovered a RAT dubbed KONNI malware that target organizations linked to North Korea. Here you are an analysis of its evolution. Security researchers at Cisco Talos team have discovered a remote access Trojan (RAT) that target organizations linked to North Korea. The malware, dubbed by researchers “KONNI,” was undetected for more than 3 years and […]
Pierluigi Paganini
March 24, 2017
US federal prosecutors speculate the involvement of North Korea in the cyber heist of $81 million from Bangladesh’s account at the New York Federal Reserve Bank. The news was reported by The Wall Street Journal, prosecutors suspect the involvement of Chinese middlemen who helped the Government of Pyongyang to organize the cyber theft. In February 2016, unknown hackers transferred […]
Pierluigi Paganini
February 24, 2017
South Korea is once against under attack, alleged nation-state hackers have launched a sophisticated cyber espionage campaign on organizations in the public sector. According to the experts at Cisco Talos, the cyber espionage campaign was active between November 2016 and January 2017 and leveraged on vulnerabilities in a Korean language word processing program (Hangul Word […]
Pierluigi Paganini
September 20, 2016
A mistake allowed us a peek into the North Korea Internet infrastructure, a security researcher discovered that Pyongyang has just 28 websites. The North Korea is one of the countries that most of all is investing to improve its cyber capabilities and that has one of the largest cyber armies. But North Korea is also known for […]
Hacking / November 23, 2024
