North Korea stories

AI is fuelling a surge in cyber attacks, with CrowdStrike warning criminals now move from breach to lateral movement in under 30 minutes.

Okta warns North Korean operatives are landing remote tech jobs with stolen and synthetic identities to fund the regime and enable cyber attacks.

Google flags surging attempts to steal AI models as state-backed hackers weaponise Gemini for phishing, intel gathering and malware support.

Hackers are abandoning noisy ransomware to quietly steal data, as a report finds 80% of top attack techniques now focus on evasion.

CrowdStrike has split North Korea-linked LABYRINTH CHOLLIMA into three units, two for crypto theft and one for industrial espionage.

Google has dismantled IPIDEA's vast residential proxy network, which hijacked millions of consumer devices for global cyber operations.

Team Cymru and Filigran link Pure Signal and Scout with OpenCTI to enrich threat investigations, automate hunts and deepen global context.

iProov and HYPR integrate liveness checks with passwordless login to stop deepfake workers infiltrating enterprises at onboarding.

North Korean hackers stole USD $300M via fake Zoom calls; robust identity checks could have broken the scam's chain of trust.

A North Korean group has used blockchain-based EtherHiding to secretly deploy malware, targeting developers in tech and cryptocurrency sectors worldwide.

Google Cloud's new report warns rising cyber threats target backup systems, with nearly half of cloud attacks exploiting weak credentials and misconfigurations.

North Korean hackers have intensified phishing attacks on Ukrainian government bodies to gather strategic intelligence on the Russian invasion, Proofpoint reports.

Google's GTIG reports 75 zero-day exploits in 2024, highlighting a rising threat to enterprise tech despite a slight overall decrease from 2023.

At Google Cloud Next, Sandra Joyce revealed China's advanced cyber tactics, highlighting a global surge in espionage and rising ransomware incidents.

A report by Google highlights a surge in North Korean IT operations, now expanding beyond the US to target firms and governments in Australia and Europe.

Bybit suffered a major hack, exposing vulnerabilities from human error rather than blockchain flaws, as attackers manipulated staff to divert funds.

Palo Alto Networks' Unit 42 reveals that 86% of major cyber incidents in 2024 caused operational downtime and financial loss, amid escalating threats.

Cybercrime has overtaken state-sponsored hacking as the main online threat, with healthcare and energy sectors particularly vulnerable, warns Google.

SentinelLabs has revealed that new variants of North Korean FERRET malware, dubbed FlexibleFerret, evade Apple's XProtect, targeting macOS users through job interview scams.

Sophos has acquired Secureworks for USD $859 million, solidifying its position as a top cybersecurity provider with enhanced comprehensive services.