May 25, 2024

U.S. warns old software makes companies vulnerable to North Korean cyber attacks

Government agencies publish five malware samples linked to DPRK in push to better secure infrastructure

U.S. businesses and the public sector remain vulnerable to North Korean cyber threats because software often remains unpatched, the Cybersecurity and Infrastructure Security Agency (CISA) warned on Tuesday after releasing five new malware samples attributed to the DPRK.

"Foreign cyber actors continue to exploit publicly known—and often dated—software vulnerabilities against broad target sets,” CISA explained in an alert on the “Top 10 Routinely Exploited Vulnerabilities” prepared in collaboration with the Federal Bureau of Investigation (FBI) and the broader U.S. government.

Become a member for less than $4 per week.

  • Unlimited access to all of NK News: reporting, investigations, analysis
  • The NK News Daily Update, an email newsletter to keep you in the loop
  • Searchable archive of all content, photo galleries, special columns
  • Contact NK News reporters with tips or requests for reporting
Get unlimited access to all NK News content, including original reporting, investigations, and analyses by our team of DPRK experts.
Subscribe now

All major cards accepted. No commitments – you can cancel any time.