North Korean hackers break into US software firms in latest supply chain hack
Spear-phishing remains tactic of choice as Lazarus group targets JumpCloud systems and GitHub users
The North Korean hacking outfit Lazarus broke into an American enterprise software company, likely aiming to compromise a large number of systems in subsequent attacks, cybersecurity firm SentinelLabs reported on Thursday.
News about the sophisticated supply chain hack of JumpCloud came just days after software hosting provider GitHub identified a highly targeted social engineering campaign linked to Lazarus that appeared to pursue similar goals.
GitHub identified the actor as Jade Sleet, a moniker used by Microsoft Threat Intelligence. The group was previously known as TraderTraitor by the U.S. Cybersecurity and Infrastructure Security Agency. [/p
- 01North Korea hints beach resort twice as long as Waikiki may finally open soon
- 02State media review: North Korea slams US ‘air pirates’ for raising risk of war
- 03What North Korea’s official budget reveals about its spending priorities in 2024
- 04How North Korean aggression and the Taiwan election complicate China-DPRK ties
- 05Satellite imagery shows Kim Jong Un’s east coast yacht, missile test activities
- 06State media review: North Korean festivals build up to former leader’s birthday
- 07Survey shows markets reign supreme in the daily lives of North Koreans
- 08What to make of North Korea’s apparent interest in naval nuclear propulsion