Changes in the group’s script may indicate that the hackers may start using attack vectors other than ActiveX.

The Sun Team APT, likely linked to North Korea, uses Google Play and Facebook as attack vectors.

Samples of North Korean antivirus software called SiliVaccine crib software code from a competitor and come loaded with malware and a backdoor.

It’s analyzing the server, operated by the North Korea-sponsored APT, which was used to control the global GhostSecret espionage campaign affecting 17 countries.

The nature of cyberattacks is changing and increasingly leveraging social networks as they take aim at new targets.

The WannaCry story has new life with the attacks having withdrawn the Bitcoin collected as ransom during the attacks, and with the detainment of killswitch researcher Marcus Hutchins in Nevada.

As reports of the NSA officially connecting WannaCry to North Korea surface, experts are saying developers failed to contain the ransomware before it was ready for deployment.

A linguistics analysis of the 28 ransom notes included with WannaCry indicate that native Chinese and English speakers wrote the original note, Flashpoint said.

Researchers urge Windows admins to apply MS17-010 before the next attack using the EternalBlue NSA exploit deploys a worse payload than WannaCry ransomware.

Experts have confirmed there are similarities between code used by the ransomware WannaCry and the Lazarus APT.