A newly identified malware, SMASHINGCOCONUT, bears a striking resemblance to malware used by North Korea in a November 2014 cyber-attack on Sony, the Department of Homeland Security (DHS) said in an intelligence note.
The reputed state-sponsored North Korean hacking group Hidden Cobra has once again been caught in a malware attack against financial organisations.
Amid reports of Russian hackers influencing elections, Chinese hackers pilfering state secrets, and North Korea launching ransomware attacks, it would be easy to underestimate Iran's potential as a cyber-threat to the US.
Security researchers recently uncovered a phishing campaign that suspected Korean hackers had, since August 2017, unleashed on humanitarian aid organisations by using topics on North Korean politics.
North Korea appears to be planning major international cyber-attacks, with espionage group APT37 (Reaper) seen to be expanding its scope and sophistication with new zro day vulnerabilities and wiper malware.
Hacker group Lazarus has renewed a phishing campaign it launched, but instead of injecting malware to access enterprise IT environments, the group is now injecting implants to identify those running Bitcoin-related software.
Researchers are reporting that an increasingly sophisticated North Korean hacking group is responsible for an attack campaign exploiting CVE-2018-4878, a critical use-after-free flaw in Flash Player that has not yet been patched.
Originally used by reputed North Korean hackers to attack the global banking sector, the Ratankba downloader trojan has been repurposed into a PowerShell-based variant that appears to be targeting small, non-financial organisations.
Amidst recent reports of renewed peace talks on the Korean peninsula, another cyber-security firm has come forward with evidence that state-sponsored North Korean hackers have been repeatedly launching spearphishing campaigns.
A North Korean cryptominer is raising questions as to whether it is an educational tool or a prototype to carry out silent attacks on unsuspecting CPUs.
Several multistage attacks that use cryptocurrency-related lures to infect victims with backdoors and reconnaissance malware that have been attributed to the Lazarus Group have been uncovered by Proofpoint researchers.
North Korea was behind the WannaCry ransomware that blazed a destructive path around the world last spring, wreaking havoc on companies of all stripes say both UK and US officials.
State-sanctioned North Korean hackers allegedly continue to target cryptocurrency companies and exchanges, particularly as a means of enriching the nation and countering the effects of imposed economic sanctions.
The US Department of Homeland Security (DHS) and US Federal Bureau of Investigation (FBI) have officially revealed the IP addresses that they say are used by the North Korean government to administer the RAT FallChill.
National Audit Office (NAO) report says NHS trusts were left vulnerable to the unsophisticated Wannacry attack because NHS chiefs ignored cyber-security recommendations. UK Government holds North Korea responsible.
Ahead of today's UK attribution of WannaCry to North Korea, Bharat Mistry advises that the reclusive country's internet and computing infrastructure is not as locked-down as we might believe, thus open to outside interference.
Cyber-criminals used stolen SWIFT codes to transfer money from multiple Nepali banks on 19 October 2017.
North Korean hackers have stolen the joint South Korean-US plans for war with the north, including plans to assassinate North Korean leader Kim Jung Un according to an FT report quoting South Korea's Democratic party.
There are four million 3G-capable mobile devices in North Korea, but only the small group of the most senior leaders and ruling elite are granted direct access to the worldwide internet.
Not much is known of the investigation by the NCSC into the attack, but experts disagree on the validity of the claims.
Ross Rustici provides insight into why North Korea is unlikely to be the answer to the identity of the WannaCry attack.
If North Korea is behind the 11 May WannaCry attack, it would be the first known time a nation-state sponsored and perpetrated a ransomware attack.
North Korea is suspect number one in an attack against South Korea's cyber command last month, according to a member of the main opposition party, Minjoo.