Security News
This joint advisory is the result of analytic efforts among the Cybersecurity and Infrastructure Security Agency, the Department of the Treasury, the Federal Bureau of Investigation and U.S. Cyber Command. Working with U.S. government partners, CISA, Treasury, FBI, and USCYBERCOM identified malware and indicators of compromise used by the North Korean government in an automated teller machine cash-out scheme - referred to by the U.S. Government as "FASTCash 2.0: North Korea's BeagleBoyz Robbing Banks."
North Korean government hackers dubbed the BeagleBoyz are trying to electronically rob banks, the United States warned this week. In one such successful instance, they swiped $81m from the Bank of Bangladesh in 2016, a theft previously attributed to North Korea.
A report published recently by the U.S. Army describes North Korea's cyber warfare capabilities and provides information on various units and their missions. In terms of computer warfare, the Army says North Korea primarily conducts these types of attacks because they represent a low-cost and low-risk method for targeting the enemy's computers, they can be used to counter the enemy's superior conventional military capabilities, and they can "Upset the status quo with little fear of retaliation."
The Council of the European Union has imposed its first-ever sanctions against persons or entities involved in various cyber-attacks targeting European citizens, and its member states. Out of the six individuals sanctioned by the EU include two Chinese citizens and four Russian nationals.
Hackers linked to the North Korean government appear to be behind the Magecart attacks on fashion retailer Claire's and other online stores, Netherlands-based e-commerce security company Sansec reported on Monday. Threat actors linked to North Korea have been known to launch - in addition to espionage and destructive campaigns - financially-motivated attacks, including against cryptocurrency exchanges and banks.
Organizations in the aerospace and military sectors were compromised in a highly targeted cyber-espionage campaign that shows a possible link to North Korean hackers, ESET reveals. The threat actor behind these attacks remains unknown, but ESET believes it could be linked to the infamous North Korean state-sponsored group Lazarus, based on targeting, the use of fake LinkedIn accounts, development tools, and anti-analysis methods.
A threat actor linked to South Korea has launched attacks against Chinese government agencies using a zero-day vulnerability affecting a local VPN service, Chinese cybersecurity firm Qihoo 360 reported on Monday. Qihoo 360 does not directly accuse South Korea of being behind the attacks, but says the threat actor is located in the Korean Peninsula and notes that its victims include North Korea.
Malware hunters are sounding the alarm over a new, more effective version of the North Korean "Apple Jeus" macOS software nasty. "To attack macOS users, the Lazarus group has developed homemade macOS malware, and added an authentication mechanism to deliver the next stage payload very carefully, as well as loading the next-stage payload without touching the disk."
A cyber-espionage group has targeted hundreds of industrial companies in South Korea and other countries using malware designed to help hackers steal passwords and documents, industrial...
Microsoft’s December 2019 Patch Tuesday updates fix a total of 36 vulnerabilities, including a Windows zero-day that has been exploited in attacks alongside a Chrome zero-day. read more