North Korean threat actor Jumpy Pisces collaborated with the Play ransomware gang in a cyberattack, according to Palo Alto Networks Unit 42. Jumpy Pisces made initial access through a compromised account, utilising open-source and custom tools for lateral movement and persistence. The access was then used to conduct pre-ransomware activity and deploy the Play ransomware payload. Jumpy Pisces, linked to North Korea’s Reconnaissance General Bureau, is transitioning from cyberespionage to financially motivated attacks.
5 charged in “Scattered Spider,” one of the most profitable phishing scams ever
Phishing attacks occurring from September 2021 to April 2023 targeted employees at various companies. The attackers sent deceiving text messages posing as the victims’ IT
