Cybercrime, the VMConnect campaign is continuing
The ReversingLabs cybersecurity experts find 3 more malicious Python packages by the Lazarus North Korea’s APT.
Asia, North Korea unveils two new military drones
The occasion was Shoigu's visit to Pyongyang. Visually they mimic the Global Hawk and Predator B (MQ-9 Reaper), but the characteristics are unknown. Are they modern UAVs or a Kim Jong Un bluff?
Cyber Espionage, Kimsuky now impersonate targets to collect intel
NSA, FBI and ROK illustrate the DPRK hackers TTP, used to lure the victims and steal sensitive info. Especially with social engineering and spear phishing.
Cybercrime, Lazarus spreads Applejeus via fake cryptocurrency apps
Volexity cybersecurity experts: The North Korea’s APT uses a fake trading website, that mimic a legit one, and DLL Side-loading to distribute the malware.
Cybercrime, Lazarus hit Europe and Latin America with a new DTrack version
Kaspersky cybersecurity experts: North Korea-linked malware hides itself inside an executable that looks like a legitimate program and has several stages of decryption before starting.
Cybercrime, North Korea targets SMEs with H0lyGh0st ransomware
Microsoft cybersecurity experts: The group, aka DEV-0530, has connections with PLUTONIUM (aka DarkSeoul or Andariel).
Cybercrime, Maui used by North Korean hackers to target Healthcare and Public Health
CISA, FBI and Treasury cybersecurity experts: The ransomware appears to be designed for manual execution by remote actors.
Cybercrime, North Korea’s IT experts try to get hired in the West to steal money
US cybersecurity experts: They exploit fictitious identities and pretend to be elsewhere. They are mainly proposed for remote jobs and involving cryptocurrencies.
Cyber Espionage, APT37 targets journalists with Goldbackdoor
Stairwell cybersecurity experts: The new North Korea’s malware spread via messages sent from the personal email of a former director of South Korea’s National Intelligence Service (NIS).
Cybercrime, Lazarus targets blockchain companies with TraderTraitor
The North Korea’s APT uses spear phishing emails to cryptocurrency firm employees that mimic recruitments for high-paying jobs: Goal: to download the malware.