A new North Korean threat group called Moonstone Sleet relies on trojanized, legitimate software, deploys custom ransomware and creates fake companies to further trick victims in its campaigns.
The North Korean Kimsuky APT group has been using a new Linux backdoor called Gomir in attacks on South Korean targets.
The US and several allies have sanctioned eight North Korean nationals, including alleged members of the Kimsuky APT group.
Microsoft warned that these attacks are “particularly high risk” for impacted organizations.
A new, previously undetected version of the Rustbucket macOS malware has been discovered in an intrusion by a known North Korean APT group.