Michael Barnhart, a principal analyst at Mandiant, describes this North Korean threat actor as “one of the more skilled groups coming out of this closed off nation,” and in targeting security researchers, the group deployed a range of new tools.
Although there is widespread overlap of tooling and tactics across North Korean-aligned hacking groups, Mandiant considers TEMP.Hermit to be a distinct subset of activity under the control of the country’s Reconnaissance General Bureau and focused on intelligence collection.
North Korean hackers target security researchers with a new backdoor | Ars Technica
Threat actors connected to the North Korean government have been targeting security researchers in a hacking campaign that uses new techniques and malware in hopes of gaining a foothold inside the companies the targets work for, researchers said.
Researchers from security firm Mandiant said on Thursday that they first spotted the campaign last June while tracking a phishing campaign targeting a US-based customer in the technology industry.
North Korean UNC2970 Hackers Expands Operations with New Malware Families
A North Korean espionage group tracked as UNC2970 has been observed employing previously undocumented malware families as part of a spear-phishing campaign targeting U.S. and European media and technology organizations since June 2022.
UNC2970 is the new moniker designated by the threat intelligence firm to a set of North Korean cyber activity that maps to UNC577 (aka Temp.Hermit), and which also comprises another nascent threat cluster tracked as UNC4034.
CISA: Do these three things to toughen up your network against hackers | ZDNET
The US Cybersecurity and Infrastructure Security Agency (CISA) has detailed how, during a cybersecurity red team assessment, it was able to gain access to the network of a large critical infrastructure organization -- and how the lessons learned can help others to toughen up their network security.
Why So Much Open Source Software Is Vulnerable to Hackers - The New Stack
Many commercial and proprietary codebases are acquired through merger and acquisition transactions.
Synopsys, based in Mountain View, Calif., develops electronic products and software applications for electronic design automation (EDA), semiconductor IP, software quality, and security solutions.
BREAKING: North Korea fires short-range ballistic missile toward Yellow Sea, South Korean military says - Yonhap TheInsiderPaper (from Global) Thu Mar 09 10:49:21 +0000 2023
North Korean leader Kim Jong Un calls on the military to intensify drills to simulate "real war"… https://t.co/Ag4UkQUNN7 AJEnglish (from Doha, Qatar) Fri Mar 10 01:15:47 +0000 2023
North Korean leader Kim calls for intensified drills for 'real war' https://t.co/ziMbd8uPoZ https://t.co/iT98Dyqtjk Reuters (from Around the world) Thu Mar 09 23:50:19 +0000 2023
Salvo launch. I'll say it again: most North Korean missile launches in the 2020s are not "tests". https://t.co/B3yXUzQL5Q nktpnd (from District of Columbia) Fri Mar 10 03:13:54 +0000 2023