In July 2024, the FBI and the Cybersecurity and Infrastructure Security Agency (CISA) issued stark warnings regarding a surge in Distributed Denial of Service (DDoS) attacks on election-related infrastructure. SonicWall, a cybersecurity firm, reports a significant escalation in such attacks throughout the year, forecasting a 32% increase in incidents compared…
Cybercrime, Fraud Management & Cybercrime, Government Experts Anticipate Escalating Cyber Threats as Trump Eyes Second Term Chris Riotta (@chrisriotta) • November 11, 2024 Experts warn of intensified Russian attacks on countries aligning with the European Union. (Image: Shutterstock) As speculation grows around a potential second term for former President Donald…
In August 2024, a significant data breach reportedly exposed the sensitive personal information of an estimated 130 million to 170 million individuals across the United States, United Kingdom, and Canada. The breach originated from a South Florida data broker known as National Public Data (NPD), which fell victim to a…
Major Cybersecurity Incident Targets Agricultural Sector in the U.S. In a recent worrying development, a significant cyber attack has struck a company in the agricultural sector based in the United States. This incident highlights the growing vulnerability of organizations that play a critical role in food production and supply, especially…
Data Exfiltration Attack Scenario: The Porsche Experience July 28, 2023 In recent investigations aimed at assessing the security frameworks of major automotive manufacturers, the Security Research team at Checkmarx has focused its attention on Porsche. Recognized for its robust Vulnerability Reporting Policy, Porsche was deemed a crucial candidate for analysis.…
Security Operations Developers’ Credentials Compromised Through Typosquatted ‘Fabric’ Library Prajeet Nair (@prajeetspeaks) • November 11, 2024 Image: Shutterstock A deceptive Python package, masquerading as a popular SSH automation library, has been active on the PyPi repository since 2021. This malicious package is designed to distribute payloads that compromise user credentials…
Amazon has confirmed that 2.8 million lines of employee data were compromised in a recent data breach. AFP via Getty Images In a troubling revelation highlighting the ongoing repercussions of the MOVEit vulnerability discovered in 2023, Amazon has acknowledged that sensitive employee data was exposed via a breach associated with…
STARK#MULE Cyber Campaign Targets Korean Speakers with U.S. Military-Themed Malware Documents
July 28, 2023
Cyber Attack / Malware
A persistent cyber attack campaign identified as STARK#MULE is aimed at Korean-speaking individuals, using U.S. Military-themed documents to lure victims into executing malware on compromised systems. Cybersecurity firm Securonix has been monitoring this activity, though the full extent of the attacks remains unclear and it is unknown if any of them have successfully compromised systems. Security researchers Den Iuzvyk, Tim Peck, and Oleg Kolesnikov noted in a report shared with The Hacker News that these attacks are reminiscent of previous ones linked to North Korean groups like APT37, which has historically targeted South Korea, particularly its government officials. APT37, also known by various aliases including Nickel Foxcroft, Reaper, Ricochet Chollima, and ScarCruft, is recognized as a North Korean state-sponsored actor focused on southern targets.
STARK#MULE Targets Koreans with U.S. Military-Themed Document Lures In a notable development in cyber threats, a new campaign has emerged targeting Korean-speaking individuals through the use of U.S. military-themed documents designed to deliver malware. Cybersecurity experts from Securonix have named the campaign STARK#MULE and are actively monitoring its activities. While…
STARK#MULE Cyber Campaign Targets Korean Speakers with U.S. Military-Themed Malware Documents
July 28, 2023
Cyber Attack / Malware
A persistent cyber attack campaign identified as STARK#MULE is aimed at Korean-speaking individuals, using U.S. Military-themed documents to lure victims into executing malware on compromised systems. Cybersecurity firm Securonix has been monitoring this activity, though the full extent of the attacks remains unclear and it is unknown if any of them have successfully compromised systems. Security researchers Den Iuzvyk, Tim Peck, and Oleg Kolesnikov noted in a report shared with The Hacker News that these attacks are reminiscent of previous ones linked to North Korean groups like APT37, which has historically targeted South Korea, particularly its government officials. APT37, also known by various aliases including Nickel Foxcroft, Reaper, Ricochet Chollima, and ScarCruft, is recognized as a North Korean state-sponsored actor focused on southern targets.
Cybersecurity Alert: SEO Poisoning Targets Australian Internet Users Searching for Bengal Cats Cybersecurity experts at Sophos are sounding the alarm about a rising cyber threat linked to the increasingly popular search term, "Are Bengal Cats legal in Australia." This alarming trend has been identified as an example of SEO poisoning,…
