"Hidden Cobra," better known as the North Korean threat actor Lazarus Group, has been discovered distributing a remote administration tool to targets in the aerospace, finance, and telecommunications sectors. The US Department of Homeland Security (DHS) and the Federal Bureau of Investigation (FBI) in their warning yesterday called the RAT "FALLCHILL." It appears to be an espionage tool.
DHS and FBI also issued in a separate warning of a different North Korean bit of malware. This one, a Trojan called "Volgmer," is being distributed by spearphishing.
Someone—apparently a hacktivist, but it's difficult to be sure—is also hacking around North Korean radio. They got into the feed of a DPRK short-wave station (regarded as a "numbers station") and played Europe's 1986 hit "The Final Countdown."
Two Internet-of-things vulnerabilities have been disclosed. Cisco researchers report critical vulnerabilities in Foscam C1 Indoor HD Cameras. The vulnerable application firmware version is 126.96.36.199. And SEC Consult reports finding exploitable issues in older Siemens SICAM remote terminal unit modules. They're at the end of their life, and Siemens advises updating to newer versions.
OnePlus 5, 3 and 3T smartphones appear to have shipped with backdoors.
The UK reports Russian trolling during the run-up to the Brexit vote.
Both Microsoft and Adobe issued a large number of patches yesterday. Microsoft's fifty-plus fixes included some twenty that addressed Explorer and Edge critical browser issues. Adobe issued eighty patches affecting Flash Player, Photoshop, Connect, Acrobat and Reader, DNG Converter, InDesign, Digital Editions, Shockwave Player, and Experience Manager.