Detecting fraudulent North Korean hires: A CISO playbook
Has a North Korean threat actor applied for a position at your organization, or even been hired? We’re sharing a toolkit to help you detect and avoid that risk.
Similar Posts
Douglas County Health & Human Services notifies patients that former employee accessed their records inappropriately
Bys sAlex Evans reports: Unauthorized access of HIPAA-protected information by county employee, largely flies under the radar. Six-months after the Douglas County Department of Health and Human Services determined an employee had accessed protected personal and health information without authorization, a notice appeared on the county’s website. That notice can be found here. Fox21 reports some…
Nation-State Hackers Deploy New Airstalk Malware in Suspected Supply Chain Attack
Bys sA suspected nation-state threat actor has been linked to the distribution of a new malware called Airstalk as part of a likely supply chain attack. Palo Alto Networks Unit 42 said it’s tracking the cluster under the moniker CL-STA-1009, where “CL” stands for cluster and “STA” refers to state-backed motivation. “Airstalk misuses the AirWatch API…
X Warns Users With Security Keys to Re-Enroll Before November 10 to Avoid Lockouts
Bys sSocial media platform X is urging users who have enrolled for two-factor authentication (2FA) using passkeys and hardware security keys like Yubikeys to re-enroll their key to ensure continued access to the service. To that end, users are being asked to complete the re-enrollment, either using their existing security key or enrolling a new one,…
Justice Department Implements Critical National Security Program to Protect Americans’ Sensitive Data from Foreign Adversaries
Bys sDepartment Answers Frequently Asked Questions, Provides Guidance, and Issues Limited Enforcement Policy for First 90 Days Today, the Justice Department took significant steps to move forward with implementing a critical program to prevent China, Russia, Iran, and other foreign adversaries from using commercial activities to access and exploit U.S. government-related data and Americans’ sensitive personal…
Apple Patches Two Actively Exploited iOS Flaws Used in Sophisticated Targeted Attacks
Bys sApple on Wednesday released security updates for iOS, iPadOS, macOS Sequoia, tvOS, and visionOS to address two security flaws that it said have come under active exploitation in the wild. The vulnerabilities in question are listed below – CVE-2025-31200 (CVSS score: 7.5) – A memory corruption vulnerability in the Core Audio framework that could allow…
Sophos named a Leader in the KuppingerCole 2025 Leadership Compass for Email Security
Bys sA milestone that reflects our constant progress in email security.