1. Forum
  2. tqwNet
  3. TQW_GENTECH

  • Google says North Korea-backed hackers are targeting security res

    From TechnologyDaily@1337:1/100 to All on Mon Sep 11 10:30:03 2023
    Google says North Korea-backed hackers are targeting security researchers again

    Date:
    Mon, 11 Sep 2023 10:12:51 +0000

    Description:
    A new zero-day exploit has been linked to a North Korean government-backed hacker group.

    FULL STORY ======================================================================

    Googles Threat Analysis Group (TAG) has been following, tracking, and disrupting North Korea-backed hackers targeting security researchers since January 2021 - but the group still remains at large.

    TAGs researchers have said that a newly discovered campaign is very likely
    the work of the same hackers, and is again exploiting a zero-day
    vulnerability as with previous campaigns.

    As ever, security researchers remain the target and Google continues to
    advise that researchers exercise strong security measures. New zero-day exploit targeting security researchers

    Google (for obvious reasons) has not shared specific information regarding
    the vulnerability, however it promises to have notified the vendor who is in the process of issuing a patch.

    The warning discloses how attackers engage with victims - sometimes over months in order to build trust - before executing an attack. The process typically moves from a less restricted platform like X to an encrypted messaging service where an attackers anonymity can be more effectively preserved. Cybersecurity researchers typically rely on extended communities
    of like-minded individuals who share similar interests.

    TAG confirmed: The shellcode used in this exploit is constructed in a similar manner to shellcode observed in previous North Korean exploits.

    More broadly, TAG notifies Google which then goes on to add the untrustworthy domains to its Safe Browsing feature, which checks the sites visited by a
    user against a locally-stored list of known malicious domains that spread malware , phishing attacks, and more.

    Chrome's standard Safe Browsing is soon to be improved with a feature
    borrowed from Enhanced Safe Browsing , which promises real-time scanning to weed out even more threats - but at the expense of some privacy.

    TAG added: We are committed to sharing our findings with the security community to raise awareness, and with companies and individuals that might have been targeted by these activities. More from TechRadar Pro Check out our roundup of the best firewalls Google is on a crusade against cybersecurity threats from North Korea Give your hardware a cybersecurity boost with the best endpoint protection software



    ======================================================================
    Link to news story: https://www.techradar.com/pro/security/google-says-north-korea-backed-hackers- are-targeting-security-researchers-again


    --- Mystic BBS v1.12 A47 (Linux/64)
    * Origin: tqwNet Technology News (1337:1/100)