Cyber Firm KnowBe4 Hired a Fake IT Worker From North Korea

In a blog post on Tuesday, security firm KnowBe4 revealed that a remote software engineer hire was a North Korean threat actor using a stolen identity and AI-augmented images. “Detailing a seemingly thorough interview process that included background checks, verified references and four video conference-based interviews, KnowBe4 founder and CEO Stu Sjouwerman said the worker avoided being caught by using a valid identity that was stolen from a U.S.-based individual,” reports CyberScoop. “The scheme was further enhanced by the actor using a stock image augmented by artificial intelligence.” From the report:

An internal investigation started when KnowBe4’s InfoSec Security Operations Center team detected “a series of suspicious activities” from the new hire. The remote worker was sent an Apple laptop, which was flagged by the company on July 15 when malware was loaded onto the machine. The AI-filtered photo, meanwhile, was flagged by the company’s Endpoint Detection and Response software. Later that evening, the SOC team had “contained” the fake worker’s systems after he stopped responding to outreach. During a roughly 25-minute period, “the attacker performed various actions to manipulate session history files, transfer potentially harmful files, and execute unauthorized software,” Sjouwerman wrote in the post. “He used a [single-board computer] Raspberry Pi to download the malware.” From there, the company shared its data and findings with the FBI and with Mandiant, the Google-owned cyber firm, and came to the conclusion that the worker was a fictional persona operating from North Korea.

KnowBe4 said the fake employee likely had his workstation connected “to an address that is basically an ‘IT mule laptop farm.’” They’d then use a VPN to work the night shift from where they actually reside — in this case, North Korea “or over the border in China.” That work would take place overnight, making it appear that they’re logged on during normal U.S. business hours. “The scam is that they are actually doing the work, getting paid well, and give a large amount to North Korea to fund their illegal programs,” Sjouwerman wrote. “I don’t have to tell you about the severe risk of this.” Despite the intrusion, Sjouwerman said “no illegal access was gained, and no data was lost, compromised, or exfiltrated on any KnowBe4 systems.” He chalked up the incident to a threat actor that “demonstrated a high level of sophistication in creating a believable cover identity” and identified “weaknesses in the hiring and background check processes.”

Read more of this story at Slashdot.

World of Warcraft Developers Form Blizzard’s Largest and Most Inclusive Union

Ash Parrish reports via The Verge: More than 500 developers at Blizzard Entertainment who work on World of Warcraft have voted to form a union. The World of Warcraft GameMakers Guild, formed with the assistance of the Communication Workers of America (CWA), is composed of employees across every department, including designers, engineers, artists, producers, and more. Together, they have formed the largest wall-to-wall union — or a union inclusive of multiple departments and disciplines — at Microsoft. This news comes less than a week after the formation of the Bethesda Game Studios union, which, at the time of the announcement, was itself the largest wall-to-wall Microsoft union. […]

The World of Warcraft GameMakers Guild is made up of over 500 members across Blizzard offices in California and Massachusetts. Despite its size — it is the second largest union at Microsoft overall behind Activision’s 600-member QA union — [Paul Cox, senior quest designer and Blizzard veteran] said that Microsoft’s labor neutrality agreement helped get the organization ball rolling. In a statement to The Verge, Microsoft spokesperson Delaney Simmons said, “We continue to support our employees’ right to choose how they are represented in the workplace, and we will engage in good faith negotiations with the CWA as we work towards a collective bargaining agreement.”
