North Korea: Researchers at McAfee published details in a new report outlining North Korea’s latest campaign that has been named Operation North Star. The attacks were carried out between late March and May 2020. The threat actor targeted individuals within the US defense and aerospace sectors with fake job offers in order to infect the workstations of employees who were actively looking for a new job. The attacks have been attributed to Hidden Cobra, which is an umbrella term used for the North Korean government’s hacking groups. Typically, attacks utilizing fake job offers occur through email, but in this case, the group used variations of this attack including using social media to spread the malware. These attacks were focused on intelligence gathering as the attackers attempted to infect devices to gain access to network resources and steal any information that was available to the victim.
By Anthony Zampino Introduction Leading up to the most recent Russian invasion of Ukraine in