DPRK's APT37 Targets Cambodia With Khmer, 'VeilShell' Backdoor
It's North Korea versus Cambodia, with Windows default settings and sheer patience allowing the bad guys to avoid easy detection.
This tag covers cybersecurity incidents, policy, public services, privacy, advisories, and regional implications connected to North Korea.
Search across headline titles and summaries.
Background for this topic.
North Korea covers cybersecurity and information-security developments connected to North Korea, including incidents, policy, privacy, advisories, research, and news affecting organizations, public services, and digital systems in the area.
For practitioners, the tag provides geographic context for developments involving North Korea's organizations, services, partners, and users. Individual articles provide the specific technologies, threats, sectors, and operational implications relevant to each development.
It's North Korea versus Cambodia, with Windows default settings and sheer patience allowing the bad guys to avoid easy detection.
Also: Prison Sentences for BEC Scammers and a West African Cybercrime CrackdownThis week, AI nudify sites spread malware, BEC scammers head to prison, London man charged with hacking, and a Spanish insurance company with a breach. Also, a North Korean hacking group and a West African crackdown on online scammers. And, a Schrödinger Windows vulnerability: Is it real?
Threat actors with ties to North Korea have been observed delivering a previously undocumented backdoor and remote access trojan (RAT) called VeilShell as part of a campaign targeting Cambodia and likely other Southeast Asian countries
Despite a $10 million bounty on one member, APT45 is not slowing down, pivoting from intelligence gathering to extorting funds for Kim Jong-Un's regime.
German Domestic Intelligence Agency Says German Companies Have Fallen For ScamThe German federal domestic intelligence agency is adding to warnings over North Korean IT workers obtaining remote work in Western tech companies. The world's most secretive and repressive regime looks for multiple ways to circumvent strict economic sanctions.
North Korean APT Stonefly continues to launch cyber-attacks on US firms despite July indictment
Three different organizations in the U.S. were targeted in August 2024 by a North Korean state-sponsored threat actor called Andariel as part of a likely financially motivated attack