Security News
Claims to have taken down two colossal networks, with 'Secondary Infektion' schooling 'Spamouflage'. Russia appears to be "better" at running online trolling campaigns aimed at pushing its...
The JumpCloud hack has been attributed to North Korean nation-state actors affiliated with the Reconnaissance General Bureau, following an operational security blunder that exposed their actual IP address. The intrusion directed against JumpCloud took place on June 22, 2023, as part of a sophisticated spear-phishing campaign that leveraged the unauthorized access to breach fewer than five customers and fewer than 10 systems in what's called a software supply chain attack.
A hacking unit of North Korea's Reconnaissance General Bureau was linked to the JumpCloud breach after the attackers made an operational security mistake, inadvertently exposing their real-world IP addresses. While North Korean state hackers are known for using commercial VPN services to mask their IP addresses and actual locations, during the JumpCloud attack, the VPNs they were using failed and exposed their location in Pyongyang while connecting to a victim's network.
In this one, we'll dive into operations security threats to the supply chain. How are people threatening the vaccine supply chain?
Microsoft on Wednesday released another report detailing the activities and the methods of the threat actor behind the attack on IT management solutions firm SolarWinds, including their malware delivery methods, anti-forensic behavior, and operational security. In its latest report on the SolarWinds attack, which it tracks as Solorigate, Microsoft explains how the attackers got from the Sunburst malware to the Cobalt Strike loaders, and how they kept the components separated as much as possible to avoid being detected.
New research from Sophos takes an exhaustive look at the Baldr password stealer.
A 34-year-old North Korean national has been charged by U.S. authorities over his alleged involvement in the cyberattacks carried out by the Lazarus Group. An affidavit filed by an FBI special...
Security Compass announced it has expanded on operational security (OpSec) requirements available in the SD Elements’ knowledge library, with support for Microsoft Azure and other application...
An actor making extensive use of scripting languages in attacks on targets in the Middle East demonstrates excellent operational security (OPSEC), researchers from Talos say.
Good commentary....