NICKEL TAPESTRY expands fraudulent worker operations
The North Korean IT worker scheme grows to include organizations in Europe and Asia and industries beyond the technology sector
Similar Posts
How federal rules on cybersecurity breach transparency for businesses were challenged in court in 2024
Bys sDom DiFurio reports: In October, four companies collectively paid nearly $7 million as part of a settlement with the Securities and Exchange Commission for allegedly failing to properly inform investors of a cyberbreach affecting their companies, a liability American businesses have not previously faced. The companies were compromised in a cyberattack targeting their IT software provider in…
ThreatsDay Bulletin: $176M Crypto Fine, Hacking Formula 1, Chromium Vulns, AI Hijack & More
Bys sCriminals don’t need to be clever all the time; they just follow the easiest path in: trick users, exploit stale components, or abuse trusted systems like OAuth and package registries. If your stack or habits make any of those easy, you’re already a target. This week’s ThreatsDay highlights show exactly how those weak points are…
150,000 Sites Compromised by JavaScript Injection Promoting Chinese Gambling Platforms
Bys sAn ongoing campaign that infiltrates legitimate websites with malicious JavaScript injects to promote Chinese-language gambling platforms has ballooned to compromise approximately 150,000 sites to date. “The threat actor has slightly revamped their interface but is still relying on an iframe injection to display a full-screen overlay in the visitor’s browser,” c/side security analyst Himanshu
Meta Expands WhatsApp Security Research with New Proxy Tool and $4M in Bounties This Year
Bys sMeta on Tuesday said it has made available a tool called WhatsApp Research Proxy to some of its long-time bug bounty researchers to help improve the program and more effectively research the messaging platform’s network protocol. The idea is to make it easier to delve into WhatsApp-specific technologies as the application continues to be a…
Signals of Trouble: Multiple Russia-Aligned Threat Actors Actively Targeting Signal Messenger
Bys sDan Black of Google’s Threat Intelligence Group writes: Google Threat Intelligence Group (GTIG) has observed increasing efforts from several Russia state-aligned threat actors to compromise Signal Messenger accounts used by individuals of interest to Russia’s intelligence services. While this emerging operational interest has likely been sparked by wartime demands to gain access to sensitive government…
Medusa Unveils Another 50TB of Stolen Data from HCRG Care Group, Giving Greater Insight Into the Scope of the Breach
Bys sAfter the Medusa gang reportedly demanded a $2 million ransom from UK healthcare and community services provider HCRG Care Group, HCRG confirmed they had a breach and said they were investigating. But they did not confirm that patient data and employee was affected and they did not confirm that files had been encrypted. On February…