This report highlights a rarely-discussed but crucially important attack surface: security vendors themselves.
DPRK IT workers exploit GitHub to pose as Asian developers, securing remote jobs to fund missile and nuclear programs.
DPRK 'Contagious Interview' campaign continues to target Mac users with new variants of FERRET malware and Github devs with repo spam.
At CYBERWARCON 2024, Microsoft Threat Intelligence analysts will share research and insights on North Korean and Chinese threat actors representing years of threat actor tracking, infrastructure monitoring and disruption, and their attack tooling.
SentinelLabs has observed a suspected DPRK threat actor targeting Crypto-related businesses with novel multi-stage malware.
A first-ever collaboration between DPRK-based Jumpy Pisces and Play ransomware signals a possible shift in tactics.
Analysis of a newly discovered Linux based variant of the DPRK attributed FASTCash malware along with background information on payment switches used in financial networks.
North Korea's IT workforce presents a persistent and escalating cyber threat.
Two apparently separate North Korean crypto theft campaigns targeting macOS users appear to be linked as threat actors mix and match droppers and payloads.
Elastic Security Labs exposes an attempt by the DPRK to infect blockchain engineers with novel macOS malware.
Threat actors are using increasingly sophisticated forms of evasion and anti-analysis as they respond to increased attention to macOS security in the enterprise.
The world’s most prolific crypto thieves have used Sinbad.io to launder tens of millions. Its creator, “Mehdi,” answers WIRED’s questions.
