The Google Threat Intelligence Group (GTIG) recently published a new report “Adversarial Misuse of Generative AI,” which is well worth the read. The report shares findings on how government-backed threat actors use and misuse the Gemini web application. Although the GTIG is committed to countering threats across Google’s platforms, it is also committed to sharing
North Korea
Scary Halloween News: Jumpy Pisces Using Play Ransomware to Attack Organizations
Unit 42 recently reported that it has identified “Jumpy Pisces, a North Korean state-sponsored threat group associated with the Reconnaissance General Bureau of the Korean People’s Army, as a key player in a recent ransomware incident.” Its investigation indicates “with moderate confidence that Jumpy Pisces, or a faction of the group, is now collaborating with…
Privacy Tip #281 – Preparing for Cyber Warfare: A Survival List
The United States government, states, municipalities, and private companies all have been trying to defend themselves from cyber warfare from foreign adversarial governments, including Russia, China, and North Korea, for years—actually, for decades. Even when I started practicing full time in this area of law in the early 2000s, we were talking about not traveling…
Executive Order on Drones Expands to North Korea, Iran, and Russia
Last week, the Executive Order on Protecting the United States from Certain Unmanned Aircraft Systems (UAS) expanded the U.S.-China drone controversy to North Korea, Iran, and Russia.
The Order also provides the Secretary of Commerce with the authority to designate “any other foreign nation, foreign area, or foreign non-government entity engaging in long-term patterns or…
Chinese and Russian Hackers Targeting COVID-19 Vaccine Makers in U.S. Crosshairs
Last week, authorities from the United States, United Kingdom and Canada accused a well-known hacker group tied to the Russian government, APT29 a/k/a Cozy Bear of using malware to exploit security vulnerabilities to enable it to steal COVID-19 vaccine research from companies located in these countries working to develop a vaccine. This was after a…
Ryuk Ransomware Targets Large Businesses With Large Ransoms
A new ransomware, dubbed “Ryuk,” has surfaced in the last few weeks that is said to be targeting large organizations in the United States.
The attackers behind Ryuk have reportedly made over $640,000 in just two weeks, and are allegedly connected to the well-known hacking group out of North Korea—Lazarus.
According to security company Check…
FBI and DHS Warn of Malicious Malware (HIDDEN COBRA) Attributed to North Korea
Just days after the summit between the U.S. and North Korea, the Federal Bureau of Investigation (FBI) and the Department of Homeland Security issued a warning about a malicious malware, a Trojan malware variant known as “TYPEFRAME,” has been dubbed HIDDEN COBRA, which is believed to be backed by the North Korean government and is…
Chinese Telecom Companies in Hot Water
Chinese cyber espionage and cyber-attack capabilities will continue to support China’s national security and economic priorities,” says Dan Coats, the Director of National Intelligence “Americans should not buy Huawei or ZTE products.” In March 2017 the Chinese Telecom company, ZTE, plead guilty to shipping US technology to Iran and North Korea, and reached a settlement…
Think Tank Says Nuclear Missiles Can be Inadvertently Launched Through Cyber-Attacks
Just before the false alarm last weekend in Hawaii when residents were erroneously warned of an impending missile attack, think tank Chatham House issued a report stating that it had identified vulnerabilities in nuclear weapons systems located throughout the world that made them susceptible to malware and ransomware attacks that could lead to inadvertent missile…
Another Hitch in the Crypto Boom? North Korean Malware Hijacks Computers to Mine Monero Cryptocurrency
Researchers at cybersecurity firm AlienVault have discovered a computer virus of North Korean origin which infects and hijacks computers in order to mine Monero, a private digital currency which styles itself as “secure, private and untraceable.” Cryptocurrency mining is the resource-intensive process by which computers or “miners” running specific software verify cryptocurrency transactions. In exchange for their computing power, miners are given small amounts of cryptocurrency. In the case of North Korean’s Monero malware, the virus installs mining software on infected computers unbeknownst to their owners or users. The software then secretly mines Monero and sends mining rewards back to a server located at Kim II Sung University in Pyongyang. Researchers are unsure how many computers may be affected.
Continue Reading Another Hitch in the Crypto Boom? North Korean Malware Hijacks Computers to Mine Monero Cryptocurrency