NEW

Security news and analysis brought to you by the McCrary Institute

| READ MORE →

North Korean cryptocurrency thieves caught hijacking Zoom ‘remote control’ feature

(Image by Gabrielli Pereira from Pixabay)

By Ryan Naraine • Apr 22, 2025

North Korean cryptocurrency thieves are quietly repurposing a little‑known Zoom Remote collaboration feature to plant infostealer malware on the workstations of cryptocurrency traders and venture investors.

According to separate advisories from the non‑profit Security Alliance (SEAL) and cybersecurity research firm Trail of Bits, Pyongyang hackers posing as VC investors have been caught sending phishing lures with Calendly links to Zoom meetings.

The campaign, tracked by SEAL as Elusive Comet, begins with a standard press‑relations pitch or a direct message inviting the target to appear on a podcast run by Aureon Capital.

Read more at Security Week

Read More

Spain and Portugal hit by major power outage, halting trains and flights and wiping out traffic lights

News | Energy

Spain and Portugal hit by major power outage, halting trains and flights and wiping out traffic lights

CNN • Apr 28, 2025

Murder charges filed against suspect in ramming attack on Vancouver street festival that killed 11

News | Commercial

Murder charges filed against suspect in ramming attack on Vancouver street festival that killed 11

The Associated Press • Apr 27, 2025

Kubernetes pods are inheriting too many permissions

News

Kubernetes pods are inheriting too many permissions

Dark Reading • Apr 27, 2025

How the GCC is strengthening its cyber resilience in the digital age

News | Government

How the GCC is strengthening its cyber resilience in the digital age

World Economic Forum • Apr 27, 2025

Verizon's DBIR reveals 34% jump in vulnerability exploitation

News

Verizon's DBIR reveals 34% jump in vulnerability exploitation

Infosecurity Magazine • Apr 27, 2025

Attackers hit security device defects hard in 2024

News | Information Technology

Attackers hit security device defects hard in 2024

CyberScoop • Apr 27, 2025

News | Financial

Financial malware on the rise as espionage attacks decline

SC Media • Apr 27, 2025

News | Water

Energy | Transportation | Water

CISA flags critical ICS vulnerabilities in Siemens, Schneider Electric, ABB equipment affecting critical sectors

Industrial Cyber • Apr 27, 2025

News

Cisco confirms some products impacted by critical Erlang/OTP flaw

Security Week • Apr 27, 2025

News | Information Technology

ASUS releases fix for AMI bug that lets hackers brick servers

Bleeping Computer • Apr 27, 2025