October 2, 2024 at 05:49PM North Korean APT group “Stonefly” has pivoted to targeting US private companies for financial gain, evading a recent US indictment and $10 million bounty. Previously focused on espionage, the group deployed Backdoor.Preft and Nukebot in August attacks, intending ransomware deployment. Businesses should watch for Stonefly’s indicators of compromise to guard … Read more
August 8, 2024 at 09:18AM The US Department of State is offering a reward of up to $10 million for information on Iranian nationals accused of hacking industrial control systems. The individuals are linked to Iran’s Islamic Revolutionary Guard Corps and a hacker group named Cyber Av3ngers. The US government believes Cyber Av3ngers is a … Read more
August 5, 2024 at 01:24PM The South Korean National Cyber Security Center (NCSC) warns that state-backed DPRK hackers exploited VPN software flaws to deploy malware and breach networks. The activity is connected to a nationwide industrial modernization project announced by Kim Jong-un. The threat groups implicated are Kimsuky and Andariel, targeting the same sector simultaneously. … Read more
July 26, 2024 at 02:34PM The US Department of Justice has unsealed an indictment of a North Korean military intelligence operative, Rom Jong Hyok, accused of carrying out ransomware attacks against US healthcare facilities, and funneling the ransom payments to other breaches globally. The hacking crew, Andariel, controlled by DPRK’s military intelligence agency, poses an … Read more
July 26, 2024 at 07:03AM The US Department of State is offering a $10 million reward for information on Rim Jong Hyok, a North Korean national charged with hacking hospitals, military bases, and NASA. Operating on behalf of a North Korean military intelligence agency, Rim and his group, APT45, have targetted foreign businesses, government entities, … Read more
July 25, 2024 at 11:03AM North Korea-linked threat actor APT45 is expanding into financially-motivated attacks using ransomware, marking a shift from traditional cyber espionage. It is associated with deploying ransomware families SHATTEREDGLASS and Maui, targeting entities in South Korea, Japan, and the U.S. The group is also linked to malware such as Dtrack and has … Read more