The National Security Agency (NSA), the Federal Bureau of Investigation (FBI), and others have released a joint Cybersecurity Advisory (CSA) titled "North Korea Cyber Group Conducts Global Espionage Campaign to Advance Regime's Military and Nuclear Programs." The CSA includes methods for detecting and mitigating the malicious activities of the Democratic People's Republic of Korea (DPRK) Reconnaissance General Bureau (RGB) 3rd Bureau.

The threat actor "Stargazer Goblin" has found a new way to use GitHub to spread malware and malicious links. Instead of hosting malware on GitHub and luring users to download an infected code package by clicking on a malicious link in a phishing email, the new tactic involves tricking victims into thinking that malicious repositories are legitimate through an operation involving thousands of fake accounts.

According to security researchers at Cisco Talos, ransomware and business email compromise (BEC) attacks accounted for 60% of all incidents in the second quarter of 2024.  Technology was the most targeted sector in this period, making up 24% of incidents, a 30% rise from the previous quarter.  The researchers noted that adversaries may view technology firms as a gateway into other industries and organizations, given their role in servicing various industries, including critical infrastructure.

The Internet Systems Consortium (ISC) recently announced BIND security updates that contain patches for several remotely exploitable denial-of-service (DoS) vulnerabilities in the DNS software suite.  The ISC said that the updates resolve a total of four high-severity bugs, tracked as CVE-2024-0760, CVE-2024-1737, CVE-2024-1975, and CVE-2024-4076, all of which have a CVSS score of 7.5.  The first security defect would result in the server becoming unstable when receiving a flood of DNS messages over TCP.

By grigby1