Security News

DOJ Charges Nashville Man for Helping North Koreans Get U.S. Tech Jobs
2024-08-09 07:12

The U.S. Department of Justice on Thursday charged a 38-year-old individual from Nashville, Tennessee, for allegedly running a "Laptop farm" to help get North Koreans remote jobs with American and British companies. Court documents allege that Knoot participated in a worker fraud scheme by letting North Korean actors get employment at information technology companies in the U.K. and the U.S. It's believed that the revenue generation efforts are a way to fund North Korea's illicit weapons program.

US dismantles laptop farm used by undercover North Korean IT workers
2024-08-08 22:18

​​The U.S. Justice Department arrested a Nashville man charged with helping North Korean IT workers obtain remote work at companies across the United States and operating a laptop farm they used...

University Professors Targeted by North Korean Cyber Espionage Group
2024-08-08 15:31

The North Korea-linked threat actor known as Kimsuky has been linked to a new set of attacks targeting university staff, researchers, and professors for intelligence gathering purposes. Kimsuky, also known by the names APT43, ARCHIPELAGO, Black Banshee, Emerald Sleet, Springtail, and Velvet Chollima, is just one of the myriad offensive cyber teams operating under the direction of the North Korean government and military.

North Korean Hackers Moonstone Sleet Push Malicious JS Packages to npm Registry
2024-08-06 11:17

The North Korea-linked threat actor known as Moonstone Sleet has continued to push malicious npm packages to the JavaScript package registry with the aim of infecting Windows systems, underscoring the persistent nature of their campaigns. The security arm of the cloud monitoring firm is tracking the threat actor under the name Stressed Pungsan, which exhibits overlaps with a newly discovered North Korean malicious activity cluster dubbed Moonstone Sleet.

North Korean hackers exploit VPN update flaw to install malware
2024-08-05 17:21

South Korea's National Cyber Security Center (NCSC) warns that state-backed DPRK hackers hijacked flaws in a VPN's software update to deploy malware and breach networks. [...]

U.S. DoJ Indicts North Korean Hacker for Ransomware Attacks on Hospitals
2024-07-26 08:55

The U.S. Department of Justice on Thursday unsealed an indictment against a North Korean military intelligence operative for allegedly carrying out ransomware attacks against healthcare facilities in the country and funneling the payments to orchestrate additional intrusions into defense, technology, and government entities across the world. "Rim Jong Hyok and his co-conspirators deployed ransomware to extort U.S. hospitals and health care companies, then laundered the proceeds to help fund North Korea's illicit activities," said Paul Abbate, deputy director of the Federal Bureau of Investigation.

North Korean chap charged for attacks on US hospitals, military, NASA – and even China
2024-07-26 02:58

The US Department of Justice on Thursday charged a North Korean national over a series of ransomware attacks on stateside hospitals and healthcare providers, US defense companies, NASA, and even a Chinese target. An indictment [PDF] named Rim Jong Hyok as a participant in "a conspiracy to hack and extort US hospitals and other health care providers, launder the ransom proceeds, and then use these proceeds to fund additional computer intrusions into defense, technology, and government entities worldwide."

North Korean Hackers Shift from Cyber Espionage to Ransomware Attacks
2024-07-25 14:08

A North Korea-linked threat actor known for its cyber espionage operations has gradually expanded into financially-motivated attacks that involve the deployment of ransomware, setting it apart from other nation-state hacking groups linked to the country. "APT45 is a long-running, moderately sophisticated North Korean cyber operator that has carried out espionage campaigns as early as 2009," researchers Taylor Long, Jeff Johnson, Alice Revelli, Fred Plan, and Michael Barnhart said.

KnowBe4 mistakenly hires North Korean hacker, faces infostealer attack
2024-07-24 17:30

American cybersecurity company KnowBe4 says a person it recently hired as a Principal Software Engineer turned out to be a North Korean state actor who attempted to install information-stealing on its devices. Before hiring the threat actor, KnowBe4 performed background checks, verified the provided references, and conducted four video interviews to ensure they were a real person and that his face matched the one on his CV. However, it was later determined that the person had submitted a U.S. person's stolen identity to dodge the preliminary checks, and also used AI tools to create a profile picture and match that face during the video conference calls.

Security biz KnowBe4 hired fake North Korean techie, who got straight to work ... on evil
2024-07-24 04:57

If it can happen to folks that run social engineering defence training, what hope for the rest of us? Security awareness and training provider KnowBe4 hired a fake North Korean IT worker for a...