North Korean hacking group Lazarus has launched several attacks using a new malware called KandyKorn for MacOS and Signbt for Windows, warn security researchers. The group targeted blockchain engineers at a cryptocurrency exchange and used a variety of tactics to gain access to and steal data from targeted systems. Elastic Security, who analysed the threat, say both malwares have advanced capabilities to monitor and interact with systems while evading detection.
The NCSC wants developers to get serious on software security
The NCSC’s new Software Security Code of Practice has been praised by cyber professionals as a significant advancement in enhancing software supply chain security.
