North Korean hackers exploit VPN update flaw to install malware

August 5, 2024 at 01:24PM The South Korean National Cyber Security Center (NCSC) warns that state-backed DPRK hackers exploited VPN software flaws to deploy malware and breach networks. The activity is connected to a nationwide industrial modernization project announced by Kim Jong-un. The threat groups implicated are Kimsuky and Andariel, targeting the same sector simultaneously. …

North Korea APT Triumvirate Spied on South Korean Defense Industry For Years

April 24, 2024 at 12:35PM North Korea’s APTs have been spying on South Korean defense contractors for at least a year and a half. Andariel, Kimsuky, and the broader Lazarus Group were involved in espionage campaigns, with details released by South Korean police. The announcement came after North Korea conducted its first-ever nuclear counterattack drill. …

UK, Korea Warn of DPRK Supply Chain Attacks Involving Zero-Day Flaws

November 27, 2023 at 07:48AM The UK National Cyber Security Centre (NCSC) and Korea’s National Intelligence Service (NIS) have issued a warning about state-sponsored hackers from North Korea targeting government, financial, and defense organizations through software supply chain attacks. The attackers exploited vulnerabilities to precisely target specific organizations. They used a watering hole attack and …

Hackers exploit MagicLine4NX zero-day in supply-chain attack

November 24, 2023 at 01:20PM The National Cyber Security Centre (NCSC) and Korea’s National Intelligence Service (NIS) have warned that the North Korean Lazarus hacking group has been breaching companies using a zero-day vulnerability in the MagicLine4NX software. The group primarily targets South Korean institutions and is known for utilizing supply-chain attacks and zero-day vulnerabilities …

North Korean Hackers Targeting Crypto Experts with KANDYKORN macOS Malware

November 1, 2023 at 05:36AM State-sponsored threat actors from North Korea’s Lazarus Group have been targeting blockchain engineers of a crypto exchange platform through Discord using a new macOS malware called KANDYKORN. The attacks involve social engineering lures and a multi-stage process to deliver the malware. The Lazarus Group has previously used macOS malware in …