A North Korean state-backed actor known for targeting South Korean victims recently used an Internet Explorer zero day (CVE-2022-41128).
Zinc, a Lazarus group offshoot, is using trojanized versions of open source apps such as KiTTY and PuTTY in a new phishing campaign.
The Kimsuky threat group based in North Korea is using a malicious browser extension to steal email from active user sessions in Chrome and Edge.
U.S. authorities seized a half million dollars and disrupted the activities of a North Korean state-sponsored group.
The H0lyGh0st ransomware group has spent the last year targeting small and medium-sized businesses - but has not yet successfully extorted ransom payments from victims, said Microsoft researchers.