KnowBe4

KnowBe4, a US-based security vendor, became the target of an insider cyber threat when it inadvertently hired a North Korean hacker posing as a software engineer. Using a stolen US identity and AI-enhanced fake photo, the hacker was onboarded and sent a Mac workstation. Upon receipt, the workstation began loading malware, signaling a deliberate threat attempt. The activity was detected by KnowBe4's Security Operations Center (SOC) before any harm was done, with no data lost, compromised, or exfiltrated. An FBI investigation is ongoing, examining the incident as a potential insider threat or nation-state actor orchestration.

Source: https://www.wired.com/story/north-korean-hacker-hired-ecurity-company-malware/

"id": "kno000072724",
"linkid": "knowbe4",
"type": "Breach",
"date": "7/2024",
"severity": "25",
"impact": "1",
"explanation": "Attack without any consequences"