gioia://news
  • Communities
  • Create Post
  • heart
    Support Lemmy
  • search
    Search
  • Login
  • Sign Up
fne8w2ah@lemmy.world to Technology@lemmy.worldEnglish · 10 months ago

KnowBe4 mistakenly hires North Korean hacker, faces infostealer attack

www.bleepingcomputer.com

external-link
message-square
10
fedilink
135
external-link

KnowBe4 mistakenly hires North Korean hacker, faces infostealer attack

www.bleepingcomputer.com

fne8w2ah@lemmy.world to Technology@lemmy.worldEnglish · 10 months ago
message-square
10
fedilink
American cybersecurity company KnowBe4 says a person it recently hired as a Principal Software Engineer turned out to be a North Korean state actor who attempted to install information-stealing on its devices.
alert-triangle
You must log in or register to comment.
  • octopus_ink@lemmy.ml
    link
    fedilink
    English
    arrow-up
    45
    ·
    10 months ago

    It’s a little bit ironic to me that the security company formerly run by the man who literally wrote the book on social engineering may have fallen victim to a social engineering attack.

    • Evotech@lemmy.world
      link
      fedilink
      English
      arrow-up
      16
      ·
      10 months ago

      And makes it’s living on telling other companies how to increase their security posture

      • cheese_greater@lemmy.world
        link
        fedilink
        English
        arrow-up
        8
        ·
        10 months ago

        The grift has come fulk circle

    • radivojevic@discuss.online
      link
      fedilink
      English
      arrow-up
      5
      ·
      10 months ago

      We learn more lessons by failing than succeeding.

      • octopus_ink@lemmy.ml
        link
        fedilink
        English
        arrow-up
        3
        ·
        10 months ago

        True, but Kevin certainly had his share of both.

  • TimeSquirrel@kbin.melroy.org
    link
    fedilink
    arrow-up
    14
    ·
    10 months ago

    Guess they didn’t KnowBe4.

  • GildorInglorion@lemmy.world
    link
    fedilink
    English
    arrow-up
    11
    ·
    10 months ago

    (https://blog.knowbe4.com/how-a-north-korean-fake-it-worker-tried-to-infiltrate-us) They are saying they caught the guy before he had access to anything important.

    • Landless2029@lemmy.world
      link
      fedilink
      English
      arrow-up
      8
      ·
      edit-2
      10 months ago

      He made it though onboarding and got a company laptop with creds. Got flagged by SEC because he got malware day 1. Also they dug in and he was connected to the states with a VPN.

      HR failed. SEC caught it. Now SEC/CIO yell at HR.

  • AlternateRoute@lemmy.ca
    link
    fedilink
    English
    arrow-up
    8
    ·
    10 months ago

    This report makes it sound like they had a video call with camera on, vs other reports where they recommend people have camera on because they didn’t

    also used AI tools to create a profile picture and match that face during the video conference calls.

    This doesn’t sounds like the video was on / faked only that they had a call where the profile picture was used.

  • YeetPics@mander.xyz
    link
    fedilink
    English
    arrow-up
    7
    ·
    edit-2
    10 months ago

    Boy, I bet they wish they… (drumroll) KnewBe4

Technology@lemmy.world

technology@lemmy.world

Subscribe from Remote Instance

Create a post
You are not logged in. However you can subscribe from another Fediverse account, for example Lemmy or Mastodon. To do this, paste the following into the search field of your instance: !technology@lemmy.world

This is a most excellent place for technology news and articles.


Our Rules


  1. Follow the lemmy.world rules.
  2. Only tech related news or articles.
  3. Be excellent to each other!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, this includes using AI responses and summaries. To ask if your bot can be added please contact a mod.
  9. Check for duplicates before posting, duplicates may be removed
  10. Accounts 7 days and younger will have their posts automatically removed.

Approved Bots


  • @L4s@lemmy.world
  • @autotldr@lemmings.world
  • @PipedLinkBot@feddit.rocks
  • @wikibot@lemmy.world
Visibility: Public
globe

This community can be federated to other instances and be posted/commented in by their users.

  • 4.01K users / day
  • 9.76K users / week
  • 18.2K users / month
  • 37.7K users / 6 months
  • 1 local subscriber
  • 69.8K subscribers
  • 14.7K Posts
  • 650K Comments
  • Modlog
  • mods:
  • L3s@lemmy.world
  • enu@lemmy.world
  • Technopagan@lemmy.world
  • L4sBot@lemmy.world
  • L3s@hackingne.ws
  • L4s@hackingne.ws
  • BE: 0.19.9
  • Modlog
  • Instances
  • Docs
  • Code
  • join-lemmy.org