APT43 Hackers Attacking Academic Institutions With Exposed Credentials

APT43, a notorious North Korean state-sponsored hacking group, has been actively targeting academic institutions worldwide, exploiting exposed credentials to gain unauthorized access. Recently, the group has focused on South Korean academic institutions, particularly those involved in political research related to North Korea.

APT43, also known by aliases such as Black Banshee, Emerald Sleet, Kimsuky, and Thallium, has been involved in espionage and financial cybercrime. Linked to the Reconnaissance General Bureau (RGB), the group is known for its strategic intelligence gathering and financially motivated activities.

Its tactics include credential harvesting, exploiting vulnerabilities, and advanced social engineering techniques. Using social engineering, the operators craft highly convincing fake personas to establish trust before executing malware attacks.

Beyond espionage, the group has increasingly turned to financially motivated cybercrime, laundering stolen cryptocurrency through legitimate cloud-mining services. It has evolved its tactics to include stealing and laundering cryptocurrency, supporting the North Korean government through these illicit activities. APT43 continues to adapt its tactics, shifting its focus based on directives from the North Korean government.

The growing threat posed by APT43 shows the need for strong credential security and comprehensive cybersecurity strategies, particularly within academic institutions. Organizations should remain proactive and regularly update their security protocols to defend against these sophisticated cyber threats.

Tushar is a cyber security content editor with a passion for creating captivating and informative content.

This Cyber News was published on cybersecuritynews.com. Publication date: Thu, 13 Feb 2025 16:35:19 +0000

