News media organizations, academic entities, and think tanks have been warned by U.S. and South Korean intelligence agencies regarding the cyberespionage attacks by North Korean state-sponsored hacking operation Kimsuky, also known as TA406 and Thallium, reports The Record, a news site by cybersecurity firm Recorded Future.
Kimsuky has been leveraging open-source information to identify the targets for its spearphishing attacks, which involve attackers masquerading as academics, journalists, and think tank researchers to secure access to private research, documents, and communications that are being used by North Korea in building its intelligence efforts, according to the joint advisory.
Organizations and individuals impacted by Kimsuky have been urged by the U.S. government to provide information regarding the hackers.
Moreover, Kimsuky members have been given new sanctions by South Korea for their alleged participation in the recent spy satellite launch conducted by North Korea. Other countries' criticism regarding the launch has been disregarded by North Korea.
The days of an MSSP or MSP being a security device babysitter are over. Clients expect more from your SOC, SIEM and SecOps offerings, and evolving attacks will demand more of you. It's time to level up -- but how does one upgrade from basic to top-tier services? According to our featured speaker, there are several key steps: more comprehensive, cro...
Numerous government, political, and academic organizations in South Korea have been targeted by the Chinese state-backed advanced persistent threat operation TAG-74 as part of a "multi-year" cyberespionage campaign part of China's intellectual property theft and influence operations, The Hacker News reports.
BleepingComputer reports that vulnerable Openfire messaging servers impacted by the already addressed high-severity authentication bypass flaw, tracked as CVE-2023-32315, are being subjected to ongoing attacks aimed at ransomware encryption and cryptominer distribution.