It’s pay day for the North Korean government. Cyber criminals in the Democratic People’s Republic of Korea (DPRK) had their busiest year yet in 2023, executing the highest number of individual crypto hacks than ever before, according to a new report from Chainalysis, a blockchain analysis firm headquartered in New York City.

But why is anyone in North Korea interested in your crypto anyway?

“[Bad actors in North Korea] have found an avenue where they can seize significant money in ways that they haven’t found through fiat currencies or other crime types. So, this has been a really lucrative endeavor for them,” Erin Plante, VP of investigations at Chainalysis, told IT Brew.

A government affair. North Korea-affiliated hackers have had their eyes on crypto for years, stealing nearly $1.7 billion in 2022 and a little over a billion the following year. Though the amount stolen decreased in 2023, the number of incidents shot up to 20, the highest number recorded for North Korean crypto hacks so far, according to the report.

Read more here.—AF

Do you work in IT or have information about your IT department you want to share? Email [email protected].

With observability, you can effectively monitor, analyze, and debug your in-process applications. And it doesn’t end there. You’ll also get a holistic view of your systems, so you can improve performance, reliability, and efficiency.

Don’t take our word for it. Learn how to establish observability in your systems at AWS and DevOps Institute’s webinar Architecting Continuous Observability From Development to Production on Feb. 12. Get tips on how to:

• Choose an optimal data type and service to monitor application progression.
• Enhance your ability to store, query, and visualize system telemetry for more effective insights.
• Enable transparency and address issues proactively before they impact operations.

Register for the webinar here.

Email providers like Google, Yahoo, and Apple are turning up the dial on email authentication requirements: Bulk email senders will need to adopt the open-source specification known as—deep breath—Domain-based Message Authentication Reporting and Conformance, or DMARC.

And plenty of orgs don’t have a DMARC policy in place, which means emails won’t make it to their D-stinations.

“If you don’t pass the DMARC standard, you are at risk of getting blocked or rejected,” Robert Holmes, group VP and GM, sender security and authentication at the cybersecurity company Proofpoint, told IT Brew.

A study from Proofpoint found that 27% of the Global 2000 companies “have no DMARC record in place at all.”

What is DMARC? A DMARC policy allows domain owners to dictate how emails are treated when they do not pass two important tests:

• A verification of the sending domain’s IP address (known as SPF).
• A cryptographic signature to validate the sender (known as DKIM).

Too many letters already, yes, but a DMARC policy says, effectively: reject, quarantine, or allow. For companies like Proofpoint, any sender not passing authentication requirements is rejected.

Read more here.—BH

Do you work in IT or have information about your IT department you want to share? Email [email protected].

Getting rid of red flags and catastrophic events in your code? There’s a platform for that.

AI startup p0 aims to help developers find and eliminate events in their code that would normally cause platform crashes and other major issues. Founded by Kunal Agarwal and Prakash Sanker in 2022, p0 uses generative AI to identify security issues in code, managing everything from speed and timeout issues to validation failures and data integrity issues.

Cha-ching. Users can access and use p0 for free on the cloud or with a local setup; the startup also offers enterprises a paid version. Having just come out of stealth, p0 recently announced it raised $6.5 million from lead investor Lightspeed Venture Partners, as well as Alchemy Ventures.

Keep reading here.—AF

Do you work in IT or have information about your IT department you want to share? Email [email protected].

Today’s top IT reads.

Stat: $5 billion. That’s how much the Biden administration announced it would invest in its National Semiconductor Technology Center aimed at researching and developing advanced computer chips. (the AP)

Quote: “There will always be free options, and we can’t enshittify the network with ads.”—Bluesky CEO Jay Graber, discussing future plans for the no-longer-invitation-only platform (Wired)

Read: Why hackers want travel accounts. (USA Today)

Crack the code: Sign up for this webinar on Feb. 12 to learn how to establish observability throughout your entire software development life cycle. Learn straight from the experts + register here.*

^{*A message from our sponsor.}