Security News

The US Justice Department had unsealed charges against a US woman and an Ukranian man who, along with three unidentified foreign nationals, have allegedly helped North Korean IT workers work remotely for US companies under assumed US identities and thus evade sanctions. According to the court documents, the conspirators defrauded over 300 US companies by using US payment platforms and online job site accounts, proxy computers located in the United States, and witting and unwitting US persons and entities.

They were allegedly involved between October 2020 and October 2023 in a campaign coordinated by the North Korean government "To infiltrate U.S. job markets through fraud in an effort to raise revenue for the North Korean government and its illicit nuclear program." Today, the U.S. State Department announced a reward of up to $5 million for any information related to Chapman's co-conspirators, the North Korean IT workers charged today, and their manager, only known as Zhonghua.

The North Korea-linked Kimsuky hacking group has been attributed to a new social engineering attack that employs fictitious Facebook accounts to targets via Messenger and ultimately delivers...

The North Korean threat actor tracked as Kimsuky has been observed deploying a previously undocumented Golang-based malware dubbed Durian as part of highly-targeted cyber attacks aimed at South...

The NSA and FBI warned that the APT43 North Korea-linked hacking group exploits weak email Domain-based Message Authentication Reporting and Conformance policies to mask spearphishing attacks. Together with the U.S. State Department, the two agencies cautioned that the attackers abuse misconfigured DMARC policies to send spoofed emails which appear to come from credible sources such as journalists, academics, and other experts in East Asian affairs.

Your profile can be used to present content that appears more relevant based on your possible interests, such as by adapting the order in which content is shown to you, so that it is even easier for you to find content that matches your interests. Content presented to you on this service can be based on your content personalisation profiles, which can reflect your activity on this or other services, possible interests and personal aspects.

Microsoft has revealed that North Korea-linked state-sponsored cyber actors has begun to use artificial intelligence (AI) to make its operations more effective and efficient. "They are learning to...

Your profile can be used to present content that appears more relevant based on your possible interests, such as by adapting the order in which content is shown to you, so that it is even easier for you to find content that matches your interests. Content presented to you on this service can be based on your content personalisation profiles, which can reflect your activity on this or other services, possible interests and personal aspects.

Japan's Computer Security Incident Response Team is warning that the notorious North Korean hacking group Lazarus has uploaded four malicious PyPI packages to infect developers with malware. PyPI is a repository of open-source software packages that software developers can utilize in their Python projects to add additional functionality to their programs with minimal effort.

A set of fake npm packages discovered on the Node.js repository has been found to share ties with North Korean state-sponsored actors, new findings from Phylum show. The packages are named...