A new backdoor called WinorDLL that is potentially the work of the Lazarus Group has been found onn victim machines in several countries.
CISA, the FBI, and NSA are warning about ongoing ransomware attacks by North Korean groups that target government agencies and defense companies.
The TA444 threat group has changed its tactics in recent weeks, moving to new delivery methods and payloads.
The FBI says the North Korean threat actor Lazarus Group is responsible for the theft of $100 million in cryptocurrency from Harmony Horizon Bridge in June.
A North Korean state-backed actor known for targeting South Korean victims recently used an Internet Explorer zero day (CVE-2022-41128).