1604278800
North Korea-Backed Spy Group Poses as Reporters in Spearphishing Attacks, Feds Warn
The North Korean advanced persistent threat (APT) group known as Kimsuky is actively attacking commercial-sector businesses, often by posing as South Korean reporters, according to an alert from the U.S. Cybersecurity and Infrastructure Security Agency (CISA).
Kimsuky (a.k.a. Hidden Cobra) has been operating as a cyberespionage group since 2012 under the auspices of the regime in Pyongyang. Its mission is global intelligence gathering, CISA noted, which usually starts with spearphishing emails, watering-hole attacks, torrent shares and malicious browser extensions, in order to gain an initial foothold in target networks.
Primary targets include think-tanks, and diplomatic and high-level organizations in Japan, South Korea and the United States, with a focus on foreign policy and national-security issues related to the Korean peninsula, nuclear policy and sanctions, CISA added. It also targets the cryptocurrency industry.
In recent campaigns seen over the summer, the group ultimately sent malicious attachments embedded in spearphishing emails to gain initial access to victim organizations, according to an analysis, published on Tuesday. But the malicious content was deployed only after several initial exchanges with the target meant to build trust.
“Posing as South Korean reporters, Kimsuky exchanged several benign interview-themed emails with their intended target to ostensibly arrange an interview date and possibly build rapport,” according to CISA. “The emails contained the subject line, ‘Skype Interview requests of [redacted TV show] in Seoul,’ and began with a request to have the recipient appear as a guest on the show. The APT group invited the targets to a Skype interview on the topic of inter-Korean issues and denuclearization negotiations on the Korean Peninsula.”
After a recipient agreed to an interview, Kimsuky sent a subsequent email with a malicious document. And when the date of the interview got closer, the purported “reporter” sent an email canceling the interview.
After obtaining initial access, the APT group ultimately deployed the BabyShark malware and PowerShell or the Windows Command Shell for execution.
“This is another example of the seriousness of the modern cybercrime world and the resources behind them,” said Erich Kron, security awareness advocate at KnowBe4, via email. “With billions of dollars at stake every year and with warfare expanding to the digital realm in such a large way, it is no surprise that nation-states are involved. The days of thick manila envelopes full of papers, traditional dossiers on people or stealthy microfilm cameras whisking away our information are gone. Now, it is all a bunch of ones and zeros in easily searched databases.”
#government #malware #web security #active campaigns #alert #analysis #babyshark #cisa #espionage #hidden cobra #kimsuky #malware #north korea #reporters #south korea #spyware
What is GEEK
Buddha Community
1604278800
North Korea-Backed Spy Group Poses as Reporters in Spearphishing Attacks, Feds Warn
The North Korean advanced persistent threat (APT) group known as Kimsuky is actively attacking commercial-sector businesses, often by posing as South Korean reporters, according to an alert from the U.S. Cybersecurity and Infrastructure Security Agency (CISA).
Kimsuky (a.k.a. Hidden Cobra) has been operating as a cyberespionage group since 2012 under the auspices of the regime in Pyongyang. Its mission is global intelligence gathering, CISA noted, which usually starts with spearphishing emails, watering-hole attacks, torrent shares and malicious browser extensions, in order to gain an initial foothold in target networks.
Primary targets include think-tanks, and diplomatic and high-level organizations in Japan, South Korea and the United States, with a focus on foreign policy and national-security issues related to the Korean peninsula, nuclear policy and sanctions, CISA added. It also targets the cryptocurrency industry.
In recent campaigns seen over the summer, the group ultimately sent malicious attachments embedded in spearphishing emails to gain initial access to victim organizations, according to an analysis, published on Tuesday. But the malicious content was deployed only after several initial exchanges with the target meant to build trust.
“Posing as South Korean reporters, Kimsuky exchanged several benign interview-themed emails with their intended target to ostensibly arrange an interview date and possibly build rapport,” according to CISA. “The emails contained the subject line, ‘Skype Interview requests of [redacted TV show] in Seoul,’ and began with a request to have the recipient appear as a guest on the show. The APT group invited the targets to a Skype interview on the topic of inter-Korean issues and denuclearization negotiations on the Korean Peninsula.”
After a recipient agreed to an interview, Kimsuky sent a subsequent email with a malicious document. And when the date of the interview got closer, the purported “reporter” sent an email canceling the interview.
After obtaining initial access, the APT group ultimately deployed the BabyShark malware and PowerShell or the Windows Command Shell for execution.
“This is another example of the seriousness of the modern cybercrime world and the resources behind them,” said Erich Kron, security awareness advocate at KnowBe4, via email. “With billions of dollars at stake every year and with warfare expanding to the digital realm in such a large way, it is no surprise that nation-states are involved. The days of thick manila envelopes full of papers, traditional dossiers on people or stealthy microfilm cameras whisking away our information are gone. Now, it is all a bunch of ones and zeros in easily searched databases.”
#government #malware #web security #active campaigns #alert #analysis #babyshark #cisa #espionage #hidden cobra #kimsuky #malware #north korea #reporters #south korea #spyware
1623050424
Dashboard Reporting Software
Accurate and fast reporting with originscale dashboard reporting software. Run faster, smarter operations with help from dozens of easy-to-use online reports. Try for Free Demo Today
#dashboard reporting software #reporting dashboard software #dashboard reporting tool #dashboard reporting #inventory report dashboard
1600959600
OldGremlin Ransomware Group Bedevils Russian Orgs
A new cybercriminal group called OldGremlin has been targeting Russian companies – including banks, industrial enterprises and medical firms – with ransomware attacks.
OldGremlin relies on a bevy of tools, including custom backdoors called TinyPosh and TinyNode, to gain an initial foothold in the organization. It also uses tricky spear-phishing emails that utilize constantly evolving lures — from false coronavirus pandemic recommendations to fake requests for media interviews. And, the Russian-speaking cybercriminal group targets other Russian organizations, which researchers say is a big no-no within the Russian hacker community.
Researchers first discovered the group in August, when it targeted a large, unnamed medical company with a spear-phishing email purporting to be sent by the media holding company RBC. Instead, the email was an attack vector for OldGremlin to encrypt the company’s entire corporate network and demand a $50,000 ransom.
#hacks #malware #vulnerabilities #web security #cobalt strike #cyberattack #group-ib #malware #oldgremlin #phishing attack #ransomware #rbc #russian organization #spearphishing #threat #threat group #tinynode
1617896520
Dance on Human Pose Estimation Using Artificial Intelligence
Dance on Human Pose Estimation Using Artificial Intelligence with Complete Tutorial & Source Code Download Free.
A Human Pose Skeleton speaks to the direction of an individual in a graphical organization. Basically, it is a bunch of directions that can be associated with depict the posture of the individual. Every co-ordinate within the skeleton is understood as a neighborhood or a joint, or a keypoint. A substantial association between two sections is known as a couple.
#projects #artificial intelligence #ai based dance on human pose estimation #dance on human pose estimation #dance on human pose estimation ai project #dance on human pose estimation using artificial intelligence #download code dance on human pose estimation ai project
1604403875
Top Mobile App Development Company in North Carolina
Are you looking for a Top Mobile App Development Company in North Carolina? Then AppClues Infotech is one of the best Mobile App Development Company in North Carolina. Having extensive experience in consulting & developing various immersive & mobility solutions that are being used by a number of customers globally across the industry.
We offer versatile Mobile App development technology solutions to our clients at an affordable price. We have a well-experienced team of designers and developers who can create custom mobile applications as per your specific needs.
Our Mobile App Development Service:
• iOS App Development
• Android App Development
• Flutter App Development
• Windows App Development
• React Native App Development
• Ionic App Development
For more info:
Website: https://www.appcluesinfotech.com/
Email: info@appcluesinfotech.com
Call: +1-978-309-9910
#mobile app development north carolina #mobile app development company in north carolina #top mobile app development company in north carolina #best mobile app development company north carolina #best mobile app development services north carolina #mobile app development company in usa