North Korea targets crypto developers via NPM supply chain attack Yet another cash grab from Kim's cronies and an intel update from Microsoft Research13 Feb 2025 | 8
Arizona laptop farmer pleads guilty for funneling $17M to Kim Jong Un 300+ US companies, 70+ individuals hit by the fraudsters Cyber-crime12 Feb 2025 | 20
North Koreans clone open source projects to plant backdoors, steal credentials Stealing crypto is so 2024. Supply-chain attacks leading to data exfil pays off better? Devops29 Jan 2025 | 2
DARPA asking for ideas on automating money laundering detection With all the AI hype swirling around, you'd think someone would've cracked this one already Software28 Jan 2025 | 22
North Korean dev who renamed himself 'Bane' accused of IT worker fraud caper 5 indicted as FBI warns North Korea dials up aggression, plus Russian devs allegedly get in on the act Cyber-crime24 Jan 2025 | 2
Datacus extractus: Harry Potter publisher breached without resorting to magic Infosec in brief PLUS: Allstate sued for allegedly tracking drivers; Dutch DDoS; More fake jobs from Pyongyang; and more Security20 Jan 2025 | 7
When food delivery apps reached Indonesia, everyone put on weight Asia In Brief PLUS: Salt Typhoon and IT worker scammers sanctioned; Alibaba Cloud’s K8s go global; Amazon acquires Indian BNPL company Software20 Jan 2025 | 5
Crypto klepto North Korea stole $659M over just 5 heists last year US, Japan, South Korea vow to intensify counter efforts Cyber-crime15 Jan 2025 | 13
UK ICO not happy with Google's plans to allow device fingerprinting Infosec in brief Also, Ascension notifies 5.6M victims, Krispy Kreme bandits come forward, LockBit 4.0 released, and more Security23 Dec 2024 | 75
North Korea's fake IT worker scam hauled in at least $88M over six years DoJ thinks it's found the folks that ran it, and some of the 'IT warriors' sent out to fleece employers Cyber-crime13 Dec 2024 | 2
Continuity of CHIPS and Science Act questioned in a Trump presidency Asia In Brief Plus: A premium minimum wage for Malaysian datacenter workers; N Koreans maybe discover spicy content; S Korea fines Meta for data misuse, and more Systems11 Nov 2024 | 34
Officials warn of Russia's tech-for-troops deal with North Korea amid Ukraine conflict 10,000 of Kim Jong Un's soldiers believed to be headed for front line Security07 Nov 2024 | 47
Biz hired, and fired, a fake North Korean IT worker – then the ransom demands began 'My webcam isn't working today' is the new 'The dog ate my network' Cybersecurity Month18 Oct 2024 | 41
How to spot a North Korean agent before they get comfy inside payroll Mandiant publishes cheat sheet for weeding out fraudulent IT staff Cyber-crime24 Sep 2024 | 19
North Korean scammers plan wave of stealth attacks on crypto companies, FBI warns Feds warn of 'highly tailored, difficult-to-detect social engineering campaigns' Cyber-crime05 Sep 2024 | 8
US 'laptop farm' man accused of outsourcing his IT jobs to North Korea to fund weapons programs American and Brit firms thought they were employing a Westerner, but not so, it's alleged CSO08 Aug 2024 | 19
Secure Boot useless on hundreds of PCs from major vendors after key leak Infosec in brief Plus: More stalkerware exposure; a $16M TracFone fine; Ransomware victims don't use MFA, and more Security29 Jul 2024 | 36
North Korean chap charged for attacks on US hospitals, military, NASA – and even China Microsoft, Mandiant, weigh in with info about methods used by Andariel gang alleged to have made many, many, heists Security26 Jul 2024 | 4
Security biz KnowBe4 hired fake North Korean techie, who got straight to work ... on evil If it can happen to folks that run social engineering defence training, what hope for the rest of us? Security24 Jul 2024 | 36
North Korea likely behind takedown of Indian crypto exchange WazirX Firm halts trades after seeing $230 million disappear Security19 Jul 2024 | 21
South Korea orders 'Star Wars' lasers to blast Northern drones out of the sky Ancient weapons are no match for a good blaster at your side Offbeat12 Jul 2024 | 43
Baddies hijack Korean ERP vendor's update systems to spew malware Notorious 'Andariel' crew takes a bite of HotCroissant backdoor for fresh attack Malware Month02 Jul 2024 |
New Nork-ish cyberespionage outfit uncovered after three years Sector-agnostic group is after your data, wherever you are Cyber-crime31 May 2024 |
North Korea building cash reserves using ransomware, video games Microsoft says Kim’s hermit nation is pivoting to latest tools as it evolves in cyberspace Cyber-crime29 May 2024 | 2
Three cuffed for 'helping North Koreans' secure remote IT jobs in America Your local nail tech could be a secret agent for Kim’s cunning plan Security17 May 2024 | 22
Russia, Iran pose most aggressive threat to 2024 elections, say infoseccers Google security crew reveal ‘the four Ds’ to be on the watch for Cyber-crime25 Apr 2024 | 9
Misconfigured cloud server leaked clues of North Korean animation scam Outsourcers outsourced work for the BBC, Amazon, and HBO Max to the hermit kingdom Cyber-crime23 Apr 2024 | 17
Execs in Japan busted for winning dev bids then outsourcing to North Koreans Government issues stern warning over despot money-making scheme Cyber-crime28 Mar 2024 | 12
That Asian meal you eat on holidays could launder money for North Korea United Nations finds IT contract and crypto scams are just two of DPRK's illicit menu items Security25 Mar 2024 | 17
It's 2024 and North Korea's Kimsuky gang is exploiting Windows Help files New infostealer may indicate a shift in tactics – and maybe targets too, beyond Asia Research21 Mar 2024 | 5
Microsoft waited 6 months to patch actively exploited admin-to-kernel vulnerability Infosec in brief PLUS: NSA shares cloud security tips; Infosec training for Jordanian women; Critical vulnerabilities Security11 Mar 2024 | 10
North Korea running malware-laden gambling websites as-a-service $5k a month for the site. $3k for tech support. Infection with malware and funding a despot? Priceless Cyber-crime15 Feb 2024 | 3
Think tank warns North Korea uses AI for battle planning, maybe using cloudy resources Calls for clouds, and scientists, to take care they're not aiding Pyongyang AI + ML24 Jan 2024 | 8
Russia joins North Korea in sending state-sponsored cyber troops to pick on TeamCity users Updated National security and infosec authorities band together to help victims sniff out stealthy Russian baddies hiding in networks Cyber-crime14 Dec 2023 | 1
Think tank report labels NSO, Lazarus as 'cyber mercenaries' Sure, they do crimes. But the plausible deniability governments adore means they deserve a different label Cyber-crime13 Dec 2023 | 11
Memory-safe languages so hot right now, agrees Lazarus Group as it slings DLang malware Latest offensive cyber group to switch to atypical programming for payloads Research11 Dec 2023 | 10
Korean peninsula space race sees South and North launch tit for tat spy sats North claims it took photos of stuff. South points to success of homegrown booster Offbeat05 Dec 2023 | 8
North Korea makes finding a gig even harder by attacking candidates and employers That GitHub repo an interviewer wants you to work on could be malware Cyber-crime23 Nov 2023 | 6
North Korea readies third attempt at 'spy satellite' launch What a coincidence! The South is just about to lauch one, too. And it probably won't be junk like the hermit kingdom's recent efforts Science21 Nov 2023 | 3
Fresh find shines new light on North Korea’s latest macOS malware Months of work reveals how this tricky malware family targets... the financial services sector Research07 Nov 2023 | 4
After six days and thousands of pwned users, Cisco poised to patch IOS XE flaw Security in brief ALSO: SolarWinds using plaintext passwords; North Korea attacks TeamCity; Critical vulns, and more Cybersecurity Month22 Oct 2023 | 3
‘How not to hire a North Korean plant posing as a techie’ guide updated by US and South Korean authorities Advise turning off and never using remote desktop protocol, prohibiting private VPNs, not trusting recruiters’ due diligence Cybersecurity Month19 Oct 2023 | 51
South Korea accuses North of Phish and Ships attack Kim Jong-un looks at industry's progress with green eyes, says South Korea's spy agency Cyber-crime05 Oct 2023 |
North Korea's Lazarus Group upgrades its main malware LightningCan evades infosec tools in new and interesting ways Cybersecurity Month04 Oct 2023 | 4
Google warns infoseccers: Beware of North Korean spies sliding into your DMs Infosec in brief ALSO: Verizon turns self in for reduced fine, malvertising comes to macOS, and this week's critical vulnerabilities Security11 Sep 2023 | 2
Microsoft, recently busted by Beijing, thinks it's across China's ever-changing cyber-offensive Sometimes using AI to make hilariously wrong images that still drive social media engagement Security08 Sep 2023 | 13
Neighbors angry as another North Korean 'satellite' launch attempt fails US, Japan, and South Korea are well and truly over this sham Science24 Aug 2023 | 19
Tornado Cash 'laundered over $1B' in criminal crypto-coins Founder Roman Storm cuffed on conspiracy, sanctions busting charges Cyber-crime23 Aug 2023 | 16
North Korea may be itching to sell $40m of purloined Bitcoin Those weapons programs aren't going to fund themselves Cyber-crime23 Aug 2023 | 5
North Korea's neighbors issue warnings ahead of attempted 'satellite' launch The last one splashed down badly, but this is no laughing matter – Japan's PM thinks it could be a missile Bootnotes22 Aug 2023 | 8
North Korean hackers had access to Russian missile maker for months, say researchers Kim Jong Un's cyber-goons aren't above attacking the regime's few friends Security08 Aug 2023 | 21
North Korean satellite had no military utility for spying, says South Korea Lends credence to theory that Pyongyang is testing ballistic missiles against international rules Security06 Jul 2023 | 20
North Korea created very phishy evil twin of Naver, South Korea's top portal Think of it as a fake Google tuned for credential capture and you'll understand why authorities want to kill it Security15 Jun 2023 | 9
North Korea's Lazarus Group linked to Atomic Wallet heist Users' cryptocurrency wallets look unlikely to be refilled Cyber-crime08 Jun 2023 | 6
You might have been phished by the gang that stole North Korea’s lousy rocket tech US, South Korea, warn 'Kimsuky' is a very sophisticated social engineer Security02 Jun 2023 | 13
North Korean spy satellite launch ends in sea smash Rather than herald exciting success of best-ever lift-off, state media confirms fiasco. Consider us surprised Bootnotes31 May 2023 | 10
US bans North Korean outsourcer and its feisty freelancers They do your work – usually from Russia and China – then send their wages home to pay for missiles Cyber-crime24 May 2023 | 3
North Korea shows off surveillance satellite it claims it can launch To counter the 'US imperialists and the South Korean puppet villains' Science17 May 2023 | 13
DoJ, Treasury accuses 3 men of laundering crypto for North Korea If the DPRK is named, you know it somehow involves Lazarus Group Cyber-crime26 Apr 2023 | 3
3CX teases security-focused client update, plus password hashing As Mandiant finds more evidence it was North Korea wot done it Security12 Apr 2023 | 4
3CX thought supply chain attack was a false positive Updated 'It's not unusual for VoIP apps' says CEO Cyber-crime03 Apr 2023 | 23
Do you use comms software from 3CX? What to do next after biz hit in supply chain attack Miscreants hit downstream customers with infostealers Cyber-crime30 Mar 2023 | 25