#1 Trusted Cybersecurity News Platform
Followed by 5.20+ million
The Hacker News Logo
Subscribe – Get Latest News
State of SaaS

BlueNoroff | Breaking Cybersecurity News | The Hacker News

Category — BlueNoroff
New macOS Malware TodoSwift Linked to North Korean Hacking Groups

New macOS Malware TodoSwift Linked to North Korean Hacking Groups

Aug 21, 2024 Malware / Cryptocurrency
Cybersecurity researchers have uncovered a new macOS malware strain dubbed TodoSwift that they say exhibits commonalities with known malicious software used by North Korean hacking groups. "This application shares several behaviors with malware we've seen that originated in North Korea (DPRK) — specifically the threat actor known as BlueNoroff — such as KANDYKORN and RustBucket ," Kandji security researcher Christopher Lopez said in an analysis. RustBucket, which first came to light in July 2023, refers to an AppleScript-based backdoor that's capable of fetching next-stage payloads from a command-and-control (C2) server. Late last year, Elastic Security Labs also uncovered another macOS malware tracked as KANDYKORN that was deployed in connection with a cyber attack targeting blockchain engineers of an unnamed cryptocurrency exchange platform. Delivered by means of a sophisticated multi-stage infection chain, KANDYKORN possesses capabilities to access and exfi...
Microsoft Warns of Fake Skills Assessment Portals Targeting IT Job Seekers

Microsoft Warns of Fake Skills Assessment Portals Targeting IT Job Seekers

Nov 11, 2023 Threat Intelligence / Cybercrime
A sub-cluster within the infamous Lazarus Group has established new infrastructure that impersonates skills assessment portals as part of its social engineering campaigns. Microsoft attributed the activity to a threat actor it calls  Sapphire Sleet , describing it as a "shift in the persistent actor's tactics." Sapphire Sleet, also called APT38, BlueNoroff, CageyChameleon, and CryptoCore, has a track record of orchestrating cryptocurrency theft via social engineering. Earlier this week, Jamf Threat Labs implicated the threat actor to a new macOS malware family called  ObjCShellz  that's assessed to be a late-stage payload delivered in connection with another macOS malware known as RustBucket. "Sapphire Sleet typically finds targets on platforms like LinkedIn and uses lures related to skills assessment," the Microsoft Threat Intelligence team  said  in a series of posts on X (formerly Twitter). "The threat actor then moves successful communication...
Product Walkthrough: How Satori Secures Sensitive Data From Production to AI

Product Walkthrough: How Satori Secures Sensitive Data From Production to AI

Jan 20, 2025Data Security / Data Monitoring
Every week seems to bring news of another data breach, and it's no surprise why: securing sensitive data has become harder than ever. And it's not just because companies are dealing with orders of magnitude more data. Data flows and user roles are constantly shifting, and data is stored across multiple technologies and cloud environments. Not to mention, compliance requirements are only getting stricter and more elaborate.  The problem is that while the data landscape has evolved rapidly, the usual strategies for securing that data are stuck in the past. Gone are the days when data lived in predictable places, with access controlled by a chosen few. Today, practically every department in the business needs to use customer data, and AI adoption means huge datasets, and a constant flux of permissions, use cases, and tools. Security teams are struggling to implement effective strategies for securing sensitive data, and a new crop of tools, called data security platforms, have appear...
Expert Insights / Articles Videos
Cybersecurity Resources