Threat and Vulnerability Intelligence Database
Example Searches:
CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited
|
February 11th, 2025 (2 months ago)
|
|
|
Description: The North Korean hacking group known as Kimsuky was observed in recent attacks using a custom-built RDP Wrapper and proxy tools to directly access infected machines. [...]
February 6th, 2025 (2 months ago)
|
|
|
Description: The North Korea-linked Lazarus Group has been linked to an active campaign that leverages fake LinkedIn job offers in the cryptocurrency and travel sectors to deliver malware capable of infecting Windows, macOS, and Linux operating systems.
According to cybersecurity company Bitdefender, the scam begins with a message sent on a professional social media network, enticing them with the promise of
February 5th, 2025 (2 months ago)
|
|
|
Description: The North Korean threat actors behind the Contagious Interview campaign have been observed delivering a collection of Apple macOS malware strains dubbed FERRET as part of a supposed job interview process.
"Targets are typically asked to communicate with an interviewer through a link that throws an error message and a request to install or update some required piece of software such as VCam or
February 4th, 2025 (2 months ago)
|
|
|
Description: Over 57 distinct threat actors with ties to China, Iran, North Korea, and Russia have been observed using artificial intelligence (AI) technology powered by Google to further enable their malicious cyber and information operations.
"Threat actors are experimenting with Gemini to enable their operations, finding productivity gains but not yet developing novel capabilities," Google Threat
January 30th, 2025 (3 months ago)
|
|
|
Description: The North Korean threat actor known as the Lazarus Group has been observed leveraging a "web-based administrative platform" to oversee its command-and-control (C2) infrastructure, giving the adversary the ability to centrally supervise all aspects of their campaigns.
"Each C2 server hosted a web-based administrative platform, built with a React application and a Node.js API," SecurityScorecard's
January 29th, 2025 (3 months ago)
|
|
|
Description: A departmentwide initiative has now led to five major law enforcement actions, in an attempt to curb the increasingly common trend of North Korean hackers posing as IT job applicants.
January 24th, 2025 (3 months ago)
|
|
|
Description: A North Korean threat group has been using a technique called RID hijacking that tricks Windows into treating a low-privileged account as one with administrator permissions. [...]
January 24th, 2025 (3 months ago)
|
|
|
January 24th, 2025 (3 months ago)
|
|
|
Description: The U.S. Department of Justice (DoJ) on Thursday indicted two North Korean nationals, a Mexican national, and two of its own citizens for their alleged involvement in the ongoing fraudulent information technology (IT) worker scheme that seeks to generate revenue for the Democratic People's Republic of Korea (DPRK) in violation of international sanctions.
The action targets Jin Sung-Il (진성일), Pak
January 24th, 2025 (3 months ago)
|