UK and South Korea agencies warn that North Korea-linked APT Lazarus is using a MagicLine4NX zero-day flaw in supply-chain attack The National Cyber Security Centre (NCSC) and Korea’s National Intelligence Service (NIS) released a joint warning that the North Korea-linked Lazarus hacking group is exploiting a zero-day vulnerability in the MagicLine4NX software to carry out […]
North Korea-linked APT group Sapphire Sleet set up bogus skills assessment portals in attacks aimed at IT job seekers. The North Korea-linked APT group Sapphire Sleet (aka APT38, BlueNoroff, CageyChameleon, and CryptoCore) is considered a sub-group of the popular Lazarus APT group. The APT group’s campaigns focus on cryptocurrency exchanges, venture capital firms, and banks. […]
The North Korea-linked APT BlueNoroff used a new strain of macOS malware strain dubbed ObjCShellz, Jamf Threat Labs reported. Researchers from Jamf Threat Labs discovered a new macOS malware strain dubbed ObjCShellz and attributed it to North Korea-linked APT BlueNoroff. The experts noticed that the ObjCShellz malware shares similarities with the RustBucket malware campaign associated with the BlueNoroff APT […]
The U.S. government seized 17 website domains used by North Korean IT workers in a fraudulent scheme to defraud businesses worldwide. The U.S. government announced the seizure of 17 website domains used by North Korean information technology (IT) workers as part of a fraudulent scheme illicit scheme to defraud businesses worldwide. The illicit funds defraud U.S. and […]
North Korea-linked threat actors are actively exploiting a critical vulnerability CVE-2023-42793 in JetBrains TeamCity. Microsoft warns that North Korea-linked threat actors are actively exploiting a critical security vulnerability, tracked as CVE-2023-42793 (CVSS score: 9.8), in JetBrains TeamCity. CVE-2023-42793 is an authentication bypass issue affecting the on-premises version of TeamCity. An attacker can exploit the flaw to steal […]
North Korea-linked APT group Lazarus has laundered $900 million worth of cryptocurrency, Elliptic researchers reported. Researchers from blockchain analytics firm Elliptic reported that threat actors has already laundered a record $7 billion through cross-chain crime. The term “Cross-chain crime” is used to refer to the swapping of cryptoassets between different tokens or blockchains to launder […]
The North Korea-linked APT group Lazarus has stolen more than $240 million worth of cryptocurrency since June 2023, researchers warn. According to a report published by blockchain cyber security firm Elliptic, in the past 104 days, the North Korea-linked APT group Lazarus has stolen most of $240 million in crypto assets from multiple businesses, including […]
North Korea-linked threat actors associated with North Korea exploited a zero-day flaw in attacks against cybersecurity experts. North Korea-linked threat actors were observed exploiting a zero-day vulnerability in an unnamed software to target cybersecurity researchers. The attacks that took place in the past weeks were detected by researchers at Google’s Threat Analysis Group (TAG). “Recently, […]
ReversingLabs researchers linked the VMConnect campaign to the North Korea-linked APT group Labyrinth Chollima. ReversingLabs researchers believe that the North Korea-linked APT group Labyrinth Chollima is behind the VMConnect campaign. Threat actors uploaded a series of malicious packages to the PyPI (Python Package Index) repository, including a rogue package posing as the VMware vSphere connector […]
The North Korea-linked Lazarus group exploits a critical flaw in Zoho ManageEngine ServiceDesk Plus to deliver the QuiteRAT malware. The North Korea-linked APT group Lazarus has been exploiting a critical vulnerability, tracked as CVE-2022-47966, in Zoho’s ManageEngine ServiceDesk in attacks aimed at the Internet backbone infrastructure provider and healthcare organizations. The state-sponsored hackers targeted entities […]