North Korean APT Exploits Novel Chromium, Windows Bugs to Steal Crypto

September 3, 2024 at 05:38PM A North Korean threat actor recently leveraged advanced vulnerabilities in Windows and Chromium browsers to target the cryptocurrency industry. The attacker utilized a type confusion issue in Chromium and a privilege escalation bug in Windows to execute a sophisticated campaign, deploying a rootkit and custom Trojan to compromise targeted systems … Read more

Microsoft: ‘Moonstone Sleet’ APT Melds Espionage, Financial Goals

May 29, 2024 at 04:57PM Microsoft researchers have identified Moonstone Sleet, a North Korean threat group, carrying out espionage and financial cyberattacks using a variety of techniques against aerospace, education, and software organizations. Moonstone Sleet’s multifaceted strategies blend cybercriminal and nation-state actor methodologies, including creating fake companies and distributing custom ransomware and a fake video … Read more

Ex-White House election threat hunter weighs in on what to expect in November

May 9, 2024 at 05:07PM Mick Baccio, global security advisor at Splunk, discusses the evolution of election security threats in the lead-up to the 2024 US elections. He highlights the increased division and influence operations, as well as the potential impact of AI. Baccio also emphasizes the financial vulnerability of election campaigns to cybercriminals. Watch … Read more

SpyLoan Android malware on Google Play downloaded 12 million times

December 5, 2023 at 09:28AM Over 12 million downloads of SpyLoan malicious loan apps on Android have compromised user personal data, leading to theft and blackmail by masquerading as legitimate financial services. Google removed most of these apps after cybersecurity firm ESET’s discovery. Users are advised to be cautious with permissions and trust established financial … Read more