SEARCH
Archive
North Korean APT37 Used Internet Explorer Zero Day
A North Korean state-backed actor known for targeting South Korean victims recently used an Internet Explorer zero day (CVE-2022-41128).
Lazarus Group Affiliate Uses Trojanized Open Source Apps in New Campaigns
Zinc, a Lazarus group offshoot, is using trojanized versions of open source apps such as KiTTY and PuTTY in a new phishing campaign.
North Korean Attackers Use Malicious Browser Extension to Steal Email
The Kimsuky threat group based in North Korea is using a malicious browser extension to steal email from active user sessions in Chrome and Edge.
Justice Department Seizes $500K From North Korean Ransomware Group
U.S. authorities seized a half million dollars and disrupted the activities of a North Korean state-sponsored group.
North Korean Threat Actors Target Small Businesses With Ransomware
The H0lyGh0st ransomware group has spent the last year targeting small and medium-sized businesses - but has not yet successfully extorted ransom payments from victims, said Microsoft researchers.