United States Government Security

US Govt Exposes New North Korean Malware, Phishing Attacks (bleepingcomputer.com) 17

The US government today released information on three new malware variants used in malicious cyber activity campaigns by a North Korean government-backed hacker group tracked as HIDDEN COBRA. From a report: The new malware is being used "for phishing and remote access by #DPRK cyber actors to conduct illegal activity, steal funds & evade sanctions" according to the information published by Federal Bureau of Investigation (FBI), the Cybersecurity and Infrastructure Security Agency (CISA), and the Department of Defense (DoD). U.S. Cyber Command has also uploaded five samples of the newly discovered malware variants onto the VirusTotal malware aggregation repository. Besides the malware samples shared by the U.S. Cyber Command, CISA has also published detailed malware analysis reports (MARs) on its website containing indicators of compromise (IOCs) and YARA rules for each of the detected samples. The cybersecurity agency also provides mitigation measures in the form of Snort rules, as well as recommendations for system owners and administrators to strengthen the security posture of their organization's systems.
  • by drinkypoo ( 153816 ) <drink@hyperlogos.org> on Tuesday May 12, 2020 @02:11PM (#60053022) Homepage Journal

    If NK can penetrate our systems with their antique equipment, what does that say about us?

    • by owlaf ( 5251737 )
      I am sure they got help from the Chinese, so they may not be as behind as you think
    • by Anonymous Coward

      A) they get help from China
      B) NK is not stupid
      C) Security is only as strong as your weakest link
      D) the US has a variety of government organizations controlled by state and local governments that have different levels of security.
      E) it's not hard to phish and create malware.

    • I'm sure a few $2k laptops to your elite terrorism squad is affordable when you build nuclear missiles in preference to feeding your people.

    • by raymorris ( 2726007 ) on Tuesday May 12, 2020 @02:33PM (#60053106) Journal

      I do IT security for a living. Our security really does suck ass.
      Our users click without thinking.
      Our developers build things that seem like they mostly pretty much work if the input is as expected, with little thought about what goes wrong with malicious input.
      Even our security teams and the people building security products do some really stupid things.

      One example from this week. The company I work for just transitioned off of a particular two factor auth system. The salespeople said 2FA is important. Logging into the admin for the 2FA system doesn't use 2FA. If their product is needed (because 2FA is important), it's done wrong (because it doesn't use 2FA).

      • Our users click without thinking.

        Incorrect. They are thinking "not my problem if this goes south, plus I might learn something"

      • Our developers build things that seem like they mostly pretty much work if the input is as expected, with little thought about what goes wrong with malicious input.

        There's nothing new about that! About twenty years or so ago, I was at a meeting where a new version of some internal software was presented to us peons. It soon developed that the software made no attempt to validate input. When the developer was asked why not, he replied, "Because in a perfect world, people would make sure their input was
        • I hear ya. Before most software was connected to the network and even the public internet, we'd say "garbage in, garbage out". One might be able to make an argument for that for desktop software (perhaps not a great argument, but an argument).

          Now, within 8 hours of the software going live on the internet, bad guys will be sending it specially-crafted garbage. It becomes "garbage in, all of your company's confidential records out". It's a whole different world.

    • There's no doubt that our computer security in general sucks, but cyber-warfare is unlike conventional warfare in that you don't need a fully modern fleet of tanks, cruisers, etc. when a 15-year-old kid with an internet connection [telegraph.co.uk] is typically enough. It's the best theater possible for asymmetric warfare since the more antiquated your equipment or the less of it you have, the less there is to attack.
  • Couldn't this situation be pretty much resolved with a single un-hacked and properly programmed cruise missile?

  • I thought Trump's best buddy and trusted pal, Kim Jong Un, was a nice guy we should be buddies with. How could something like this happen?
