The US has seized 17 website domains allegedly used by North Korean IT workers in a scheme to defraud businesses and fund the DPRK government's arms programmes. The latest action reportedly followed seizures in October 2022 and January 2023 of about $1.5m of revenue earned through this scheme, showing the dire need for due diligence when hiring remote IT workers. The fraudulent sites, made to look like genuine US-based services, together with false identities, have helped these IT workers infiltrate various businesses and raise funds for the DPRK.



