North Korean hackers believed to be part of state-sponsored group Lazarus are reportedly targeting blockchain engineers’ Apple devices with advanced malware named Kandykorn to steal cryptocurrency. The attackers pose as a crypto arbitrage bot in a Python app delivered via a popular public Discord server. The hackers are then able to access and exfiltrate data. The campaign began in April and remains ongoing, according to cybersecurity firm Elastic Security Labs.
Connecticut Senate Bill Raises the Stakes on Data Breach Response
Hayley Steele and Gregory Szewczyk of Ballard Spahr write: A new bill introduced in Connecticut—Connecticut Senate Bill 117, An Act Concerning Breaches of Security Involving
