North Korean hackers break into US software firms in latest supply chain hack
Spear-phishing remains tactic of choice as Lazarus group targets JumpCloud systems and GitHub users
The North Korean hacking outfit Lazarus broke into an American enterprise software company, likely aiming to compromise a large number of systems in subsequent attacks, cybersecurity firm SentinelLabs reported on Thursday.
News about the sophisticated supply chain hack of JumpCloud came just days after software hosting provider GitHub identified a highly targeted social engineering campaign linked to Lazarus that appeared to pursue similar goals.
GitHub identified the actor as Jade Sleet, a moniker used by Microsoft Threat Intelligence. The group was previously known as TraderTraitor by the U.S. Cybersecurity and Infrastructure Security Agency. [/p
- 01North Korean launchpad busy despite Putin’s vow to help launch DPRK satellites
- 02Why China isn’t too worried about Kim Jong Un’s trip to cozy up to Russia
- 03State media review: Kim Jong Un ramps up personality cult with new mosaic mural
- 04Why interoperability remains a hurdle for trilateral cooperation on North Korea
- 05North Korea confirms long-time weapons official leading top missile bureau
- 06RECAP: Everything we know about Kim Jong Un’s grand odyssey in Russian Far East
- 07What the North Korean Red Guards’ new toys reveal about military modernization
- 08State media review: North Koreans ‘pine for’ Kim Jong Un as he travels abroad