News


Iran, North Korea, Russia: State hackers rely on ClickFix 
B2B Cyber Security ShortNews

State-sponsored hacking groups are increasingly adopting new social engineering techniques originally developed by commercially motivated cybercriminals. For example, ClickFix is now also being used by North Korean, Iranian, and Russian groups in espionage campaigns. The ClickFix method uses fake error messages or supposed security warnings to trick unsuspecting users into manually entering malicious PowerShell commands into their systems. This direct user interaction helps criminals bypass conventional defenses such as automatic malware scans.

ClickFix integrated into cyberattacks

At the turn of the year, Proofpoint researchers observed for the first time how groups from North Korea (TA427), Iran (TA450), and Russia (UNK_RemoteRogue…


Ransomware trends: Cybercrime scene in upheaval

Ransomware: Large players like LockBit and ALPHV/BlackCat are seemingly passé, but new, not yet established groups are moving into the emerging gaps. Ransomware-as-a-Service (RaaS) groups are also revising their internal division of labor and organization. Even states like Russia and North Korea are discovering ransomware as a source of revenue. As a cybercriminal industry, ransomware is subject to constant change. This makes the threat landscape confusing and dangerous. Not only does the top ten of extortionist hackers change almost monthly, but individuals or small teams are also playing a growing role. Furthermore, new groups seeking to establish a position in the criminal market are lowering their...


Cyber threats are becoming faster and more devastating
B2B Cyber Security ShortNews

In 2024, cyber threats have not only increased, they have also become more complex, and their impacts have become significantly worse, according to recent report findings. Criminals can now exfiltrate data in just a few hours, and they have ramped up their ransom demands. The 2025 Global Incident Response Report from Palo Alto Networks' Unit 42 team reveals a worrying trend: Cyberattacks are not only becoming faster and more sophisticated, but are increasingly aimed at crippling companies' operations rather than simply stealing data. The analysis of over 500 serious security incidents in 38 countries reveals:

500 serious security incidents

The…


Software Testers: Fake Job Offers with Malware from North Korea

Hackers are attacking applicants through an active campaign with fake job offers on LinkedIn: As part of the application process, the applicants receive, via a link from the attackers, malicious code for a backdoor, an infostealer, a keylogger and a cryptominer. Bitdefender Labs sees connections to the North Korean Lazarus group (APT 38). LinkedIn is not just a platform for exchanging information and finding experts. Many cybercriminals are increasingly using the medium's credibility for their own purposes. Operators with a government background are also launching phishing campaigns or spreading false job offers in order to spread malicious code.

Fake: Lucrative offers to developers...


Report: Gemini is being abused by state hacker groups 
B2B Cyber Security ShortNews

The Google Threat Intelligence Group (GTIG) shows in a report that Iranian, Chinese, North Korean and Russian hacker groups in particular are accessing the Gemini AI. Although they do not have it write malware, they use the AI as a basis for code, to find vulnerabilities and to assist with malicious scripting techniques. GTIG has published a comprehensive report on the use of generative artificial intelligence (AI) by threat actors. Generative AI models such as Gemini are also accessible to attackers. This leads to concerns about the possible misuse of AI for malicious purposes.

Important countries in focus...


Study: Much malware comes from state-sponsored attack groups

Security provider Netskope has analyzed the malware targeting its customers. The lab found that 66% of attributable malware came from state-sponsored attack groups - primarily from North Korea, followed by Russia and China. New data from Netskope Threat Labs shows that over the past 12 months, 66% of attributable malware targeting Netskope customers was linked to state-sponsored attack groups. The largest share of malware attacks came from North Korean threat groups, with Chinese and Russian groups coming in second and third.

Extremely high levels of malware from North Korea...


North Korea: Cyber espionage threatens international security
B2B Cyber Security ShortNews

In recent years, North Korea has greatly expanded its cyber espionage capabilities and carried out targeted hacker attacks on international companies and authorities. The most recent incidents in which North Korean hackers obtained sensitive information from military and defense companies are particularly explosive. One example of North Korean cyber attacks is the hacker attack on a German defense company. The North Korean hacker group "Kimsuky", which is directly linked to the regime in Pyongyang, is said to be responsible for the attack. The group is known for deliberately stealing information from areas such as defense and technology in order to undermine North Korea's military...


North Korean cyber espionage on defense companies
B2B Cyber Security ShortNews

In recent years, North Korea's cyber espionage capabilities have expanded enormously and targeted hacker attacks have been carried out on international companies and authorities. The most recent incidents in which North Korean hackers obtained sensitive information from military and arms companies are particularly explosive. This shows how the internationally isolated regime is increasingly pursuing its military and geopolitical goals through cybercrime. The attacks also raise questions about the cybersecurity of Western countries, which are apparently more vulnerable to such attacks than previously thought. One example of this is the hacker attack on a German arms company. The North Korean hacker group...


North Korean threat actor classified as APT 45
B2B Cyber Security ShortNews

Google subsidiary Mandiant has classified the North Korean cybercriminal group Andariel in the "Advanced Persistent Threat Group" category and given it the designation "APT 45." APT 45 targets critical infrastructure. The analysis highlights that Andariel, known for its large-scale, efficient cyber operations against critical infrastructure and strategic industries, has expanded its espionage campaigns against governments to include ransomware operations against healthcare providers, financial institutions and energy companies. Mandiant believes this shift is aimed in part at generating revenue to support its broad-based cyber campaigns and underscores the escalating...


Spearphishing from North Korea
B2B Cyber Security ShortNews

The US government warns of threat actors from North Korea. According to the warning, they use weak email DMARC (Domain-based Message Authentication, Reporting and Conformance) settings to send fake spearphishing emails as if they came from a legitimate email address. “We have observed that North Korean threat actors like APT43 are exploiting the flawed DMARC configurations to easily spoof well-known institutions at major universities, think tanks and NGOs. This allowed them to target prominent facilities in specific areas and collect high-priority intelligence for the North Korean regime. They did this by stealing the email addresses of legitimate users from legitimate…
