Geek-Guy.com

Tag: North

AI, Cybersecurity, Global Security News, Network Security

Cisco Live 2026 Preview: AI, Security, and Partner Changes

Ahead of its annual North American conference in Las Vegas, Cisco has spent the last few months rolling out a steady stream of AI-focused announcements touching nearly every corner of its business, from networking and cybersecurity to certifications and channel programs. Recent earnings report shows record revenue due to AI infrastructure demand The company’s latest…

Read more →

AI, Endpoint, Exploits, Global Security News, malware, Network Security

Lazarus APT unveils fileless remote access Trojan designed to evade detection

North Korea-linked Lazarus APT Group is using a stealthy memory-only RAT that leaves almost no forensic traces behind. North Korea-linked APT group Lazarus has never been shy about its ambitions, the threat actor has been tied to some of the most audacious financial heists in recent memory, draining hundreds of millions from cryptocurrency exchanges and…

Read more →

Europe, Global Security News, Network Security

First VPN Dismantled in Global Takedown Over Use by 25 Ransomware Groups

Authorities in Europe and North America have announced the dismantling of a criminal virtual private network (VPN) service used by criminal actors to obscure the origins of ransomware attacks, data theft, scanning, and denial-of-service attacks. The disruption of First VPN Service was led by France and the Netherlands, with several other nations supporting the investigation…

Read more →

AI, Exploits, Global Security News, malware

Interpol leads cybercrime crackdown across 13 countries in Middle East, North Africa

Interpol coordinated an expansive investigation with 13 countries in the Middle East and North Africa to disrupt and take down cybercrime operations, including phishing services and tools, malware and scams. The law enforcement effort netted 201 arrests, led to the seizure of 53 servers and disrupted multiple cybercrime services, Interpol said Monday. Operation Ramz, which…

Read more →

AI, Global Security News

INTERPOL Operation Ramz Disrupts MENA Cybercrime Networks with 201 Arrests

INTERPOL has coordinated a first-of-its-kind cybercrime crackdown across the Middle East and North Africa (MENA) that led to 201 arrests and the identification of an additional 382 suspects. The initiative involved the efforts of 13 countries from the region between October 2025 and February 2026, aiming to investigate and neutralize malicious infrastructure, arrest perpetrators behind…

Read more →

AI, Cybersecurity, Data Breaches, Global Security News, Risk Management

Nitrogen Ransomware claims massive data theft from Foxconn

Foxconn confirmed a cyberattack on some North American factories. The Nitrogen ransomware group claims it stole 8TB of data from the firm. Foxconn confirmed that several of its North American factories were affected by a cyberattack. The manufacturer confirmed it was targeted by threat actors after the Nitrogen ransomware group listed it on its Tor…

Read more →

AI, china, Global Security News

ScarCruft Hacks Gaming Platform to Deploy BirdCall Malware on Android and Windows

The North Korea-aligned state-sponsored hacking group known as ScarCruft has compromised a video game platform in a supply chain espionage attack, trojanizing its components with a backdoor called BirdCallto likely target ethnic Koreans residing in China. While prior versions of the backdoor have primarily targeted Windows users only, the supply chain attack is assessed to…

Read more →

AI, Global Security News, Network Security

Panasonic Connect introduces TOUGHBOOK 56 for Mobile Professionals

Panasonic Connect North America has launched the TOUGHBOOK 56, a modular rugged laptop designed to support mobile workers across a range of industries. The new device delivers high-performance computing, faster connectivity options, improved thermal management, and advanced security features for professionals in public safety, utilities, enterprise, and federal operations. Offering purpose-built machine to frontline professionals…

Read more →

AI, Cybersecurity, Global Security News, Government & Policy, malware

Why the Axios attack proves AI is mandatory for supply chain security

Two weeks ago, a suspected North Korean threat actor slipped malicious code into a package within Axios, a widely used JavaScript library. The immediate concern was the blast radius: roughly 100 million weekly downloads spanning enterprises, startups, and government systems. But beyond the sheer scale, the attack’s speed was just as worrisome – a stark…

Read more →

AI, Exploits, Global Security News, Network Security, Risk Management

US nationals sentenced for aiding North Korea’s tech worker scheme

Two New Jersey men were sentenced Wednesday for facilitating North Korea’s long-running scheme to plant operatives inside U.S. businesses as employees, generating more than $5 million in illicit revenue for the regime, the Justice Department said.  The U.S. nationals — Kejia Wang, also known as Tony Wang, and Zhenxing Wang, also known as Danny Wang…

Read more →

AI, Global Security News

North Korea’s APT37 Uses Facebook Social Engineering to Deliver RokRAT Malware

The North Korean hacking group tracked as APT37 (aka ScarCruft) has been attributed to a fresh multi-stage, social engineering campaign in which threat actors approached targets on Facebook and added them as friends on the social media platform, turning the trust-building exercise into a delivery channel for a remote access trojan called RokRAT. “The threat actor used…

Read more →

AI, Global Security News, malware

N. Korean Hackers Spread 1,700 Malicious Packages Across npm, PyPI, Go, Rust

The North Korea-linked persistent campaign known as Contagious Interview has spread its tentacles by publishing malicious packages targeting the Go, Rust, and PHP ecosystems. “The threat actor’s packages were designed to impersonate legitimate developer tooling […], while quietly functioning as malware loaders, extending Contagious Interview’s established playbook into a coordinated

Read more →

AI, Cybersecurity, Exploits, Funding, Global Security News

North Korea–linked hackers drain $285M from Drift in sophisticated attack

Drift lost $285M in a sophisticated attack, likely by North Korea, who used nonce-based tricks to gain control and quickly drain funds Drift suffered a $285 million cryptocurrency heist in a highly sophisticated attack likely linked to North Korea. Threat actors used durable nonce accounts to pre-sign and delay transactions, while also compromising multisig approvals…

Read more →

AI, Global Security News, Network Security, Risk Management

Your customer passed authentication. So why are they sending money to a scammer?

In this Help Net Security video, Lenny Gusel, Head of Fraud Solutions in North America at Feedzai, explains how customer identity and access management has converged with digital fraud detection, and why treating them as separate systems creates real risk. The core idea is continuous, contextual trust. Where traditional IAM grants access at a single…

Read more →

AI, Exploits, Global Security News, malware

Google links Axios npm supply chain attack to North Korea-linked APT UNC1069

Google links the Axios npm supply chain attack to North Korean threat group UNC1069, targeting financial gain. Google has attributed the recent Axios npm supply chain compromise to a North Korean threat group tracked as UNC1069. The attack, aimed at financial gain, exploited the package to target developers and organizations relying on Axios. John Hultquist…

Read more →

AI, Cybersecurity, Data Breaches, Global Security News, Network Security, Risk Management

Insider Threats Rise with North Korean AI Hiring Fraud Schemes

A suspected North Korean operative attempted to infiltrate a cybersecurity firm using a stolen identity and an AI-generated resume, underscoring how hiring pipelines are becoming an attack vector.  The failed attempt reveals how threat actors are blending identity theft, automation, and anonymized infrastructure to bypass traditional recruiting safeguards. “In June 2025, we used a combination…

Read more →

AI, Apps, Cybersecurity, Europe, Exploits, Global Security News, Network Security

Exclusive Networks Launches Ignition in North America

Exclusive Networks is expanding its incubation model for emerging cybersecurity vendors into North America, aiming to give MSPs and solution providers earlier access to next-generation, AI-driven technologies while accelerating vendor go-to-market timelines. Exclusive Networks launches Ignition in North America at RSA Conference Exclusive Networks this week announced the North American debut of its “Ignition” program,…

Read more →

AI, Global Security News, malware

North Korea-linked threat actors abuse VS Code auto-run to spread StoatWaffle malware

North Korea-linked threat actors use VS Code auto-run tasks to spread StoatWaffle malware via malicious projects that execute on folder open. North Korea-linked threat actor Team 8 behind the Contagious Interview campaign is spreading StoatWaffle malware through malicious Microsoft Visual Studio Code projects. Since late 2025, they have abused the “tasks.json” auto-run feature in Microsoft…

Read more →

AI, Global Security News, malware

North Korean Hackers Abuse VS Code Auto-Run Tasks to Deploy StoatWaffle Malware

The North Korean threat actors behind the Contagious Interview campaign, also tracked as WaterPlum, have been attributed to a malware family tracked as StoatWaffle that’s distributed via malicious Microsoft Visual Studio Code (VS Code) projects. The use of VS Code “tasks.json” to distribute malware is a relatively new tactic adopted by the threat actor since…

Read more →

AI, Apps, china, Global Security News, Risk Management

Behavioral XDR and threat intel nab North Korean fake IT worker within 10 days of hire

The North Korea fake IT worker scheme has become a pernicious threat across several industries. While best practices emphasize precautions throughout the hiring phase, once onboarded such operatives can be challenging to detect. Combinations of behavioral analytics, threat intelligence, and other points of information are taking shape as essential defenses, as a recent case attests.…

Read more →

AI, Global Security News, Government & Policy

Trio sentenced for facilitating North Korean IT worker scheme from their homes

Three American men were sentenced Friday for crimes they committed in furtherance of North Korea’s vast scheme to get operatives hired at U.S. companies, the Justice Department said. The trio — Audricus Phagnasay, 25, Jason Salazar, 30, and Alexander Paul Travis, 35 — pleaded guilty in November to wire fraud conspiracy for providing U.S. identities…

Read more →

AI, Data Breaches, Global Security News, Government & Policy, Network Security, Risk Management

North Carolina tech worker found guilty of insider attack netting $2.5M ransom

A 27-year-old North Carolina man was found guilty of six counts of extortion for a series of crimes he committed while working as a data analyst contractor for a D.C.-based international technology company, the Justice Department said Thursday. Cameron Nicholas Curry, also known as “Loot,” stole a trove of corporate data, including sensitive employee and…

Read more →

AI, Apps, Global Security News

Konni Deploys EndRAT Through Phishing, Uses KakaoTalk to Propagate Malware

North Korean threat actors have been observed sending phishing to compromise targets and obtain access to a victim’s KakaoTalk desktop application to distribute malicious payloads to certain contacts. The activity has been attributed by South Korean threat intelligence firm Genians to a hacking group referred to as Konni. “Initial access was achieved through a spear-phishing…

Read more →

AI, Global Security News, malware, Network Security

North Korean fake IT worker tradecraft exposed

Research from GitLab has exposed the latest tradecraft behind North Korean fake IT worker scams. GitLab banned 131 North Korean-attributed accounts last year, most of which involved JavaScript repositories that acted as resources in the so-called Contagious Interview campaign. In most cases, GitLab projects acted as obfuscated loaders for malware payloads — such as BeaverTail…

Read more →

AI, Global Security News

UNC4899 Breached Crypto Firm After Developer AirDropped Trojanized File to Work Device

The North Korean threat actor known as UNC4899 is suspected to be behind a sophisticated cloud compromise campaign targeting a cryptocurrency organization in 2025 to steal millions of dollars in cryptocurrency. The activity has been attributed with moderate confidence to the state-sponsored adversary, which is also tracked under the cryptonyms Jade Sleet, PUKCHONG, Slow Pisces,…

Read more →

AI, Apps, Global Security News, Risk Management

Microsoft warns North Korean threat groups are scaling up fake worker schemes with generative AI

North Korean threat groups are using artificial intelligence tools to accelerate and expand the country’s long-running scheme to get remote technical workers hired at global companies for longer durations, Microsoft Threat Intelligence said in a report Friday.  AI services are empowering North Korean operatives across the attack lifecycle. Attackers have turned AI into a “force…

Read more →

AI, Data Breaches, Endpoint, Exploits, Global Security News, Government & Policy, malware, Network Security

APT37 combines cloud storage and USB implants to infiltrate air-gapped systems

North Korea-linked APT 37 used Zoho WorkDrive and USB malware to breach air-gapped networks in the Ruby Jumper campaign. North Korean group ScarCruft (aka APT37, Reaper, and Group123) deployed new tools in a campaign dubbed Ruby Jumper, using a backdoor that leverages Zoho WorkDrive for C2 and a USB-based implant to breach air-gapped systems. Zscaler ThreatLabz…

Read more →

AI, Data Breaches, Global Security News, malware, Network Security

ScarCruft Uses Zoho WorkDrive and USB Malware to Breach Air-Gapped Networks

The North Korean threat actor known as ScarCruft has been attributed to a fresh set of tools, including a backdoor that uses Zoho WorkDrive for command-and-control (C2) communications to fetch more payloads and an implant that uses removable media to relay commands and breach air-gapped networks. The campaign, codenamed Ruby Jumper by Zscaler ThreatLabz, involves…

Read more →

AI, APAC, Global Security News, Government & Policy, malware

Lazarus APT group deployed Medusa Ransomware against Middle East target

North Korea’s Lazarus Group used Medusa ransomware in an attack on an unnamed Middle East organization, researchers report. The North Korea-linked Lazarus APT Group, also known as Diamond Sleet and Pompilus, has been spotted deploying Medusa ransomware against an unnamed organization in the Middle East, according a new report from the Symantec and Carbon Black…

Read more →

AI, Global Security News, Government & Policy, Network Security

North Korean IT worker scam nets Ukrainian five-year sentence in the U.S.

A Ukrainian man was sentenced to five years in the U.S. for helping North Korean IT workers use stolen identities to get hired by U.S. firms. Oleksandr “Alexander” Didenko, a 29-year-old Ukrainian national, has been sentenced to five years in a U.S. prison for supporting North Korea’s fraudulent IT worker scheme. Didenko admitted stealing U.S.…

Read more →

AI, Global Security News, Government & Policy

Ukrainian sentenced to 5 years in prison for facilitating North Korean remote worker scheme

A Ukrainian national who ran multiple operations to aid the North Korean government’s expansive scheme to  hire remote IT workers at U.S. companies was sentenced to five years in prison, the Justice Department said Thursday. Oleksandr Didenko stole U.S. citizens’ identities and created more than 2,500 fraudulent accounts on freelance IT job forums, money service…

Read more →

AI, Global Security News

Google Reports State-Backed Hackers Using Gemini AI for Recon and Attack Support

Google on Thursday said it observed the North Korea-linked threat actor known as UNC2970 using its generative artificial intelligence (AI) model Gemini to conduct reconnaissance on its targets, as various hacking groups continue to weaponize the tool for accelerating various phases of the cyber attack life cycle, enabling information operations, and even conducting model extraction…

Read more →

AI, Breaking News, cyber crime, data breach, Data Breaches, Global Security News, Government & Policy, Network Security, Security

Volvo Group hit in massive Conduent data breach

A Conduent breach exposed data of nearly 17,000 Volvo Group North America employees as the total impact rises to 25 million people. A data breach at business services provider Conduent has impacted at least 25 million people, far more than initially reported. Volvo Group North America confirmed that the security breach exposed data of nearly […]

Read more →

AI, Global Security News

North Korea-Linked UNC1069 Uses AI Lures to Attack Cryptocurrency Organizations

The North Korea-linked threat actor known as UNC1069 has been observed targeting the cryptocurrency sector to steal sensitive data from Windows and macOS systems with the ultimate goal of facilitating financial theft. “The intrusion relied on a social engineering scheme involving a compromised Telegram account, a fake Zoom meeting, a ClickFix infection vector, and reported…

Read more →