all InfoSec news
Kimsuky Evolves Reconnaissance Capabilities in New Global Campaign
May 4, 2023, 2:02 p.m. | MalBot
Malware Analysis, News and Indicators - Latest topics malware.news
By Tom Hegel and Aleksandar Milenkoski
Executive Summary
- SentinelLabs has observed ongoing attacks from Kimsuky, a North Korean state-sponsored APT that has a long history of targeting organizations across Asia, North America, and Europe.
- Ongoing campaigns use a new malware component we call ReconShark, which is actively delivered to specifically targeted individuals through spear-phishing emails, OneDrive links leading to document downloads, and the execution of malicious macros.
- ReconShark functions as a reconnaissance tool with unique execution instructions and server communication …
america apt asia attacks call campaign campaigns capabilities europe executive global history kimsuky malware malware analysis north north america north korean organizations reconnaissance reconshark sentinellabs sponsored state targeting tom hegel
More from malware.news / Malware Analysis, News and Indicators - Latest topics
Jobs in InfoSec / Cybersecurity
SOC 2 Manager, Audit and Certification
@ Deloitte | US and CA Multiple Locations
Information Security Engineers
@ D. E. Shaw Research | New York City
Staff DFIR Investigator
@ SentinelOne | United States - Remote
Senior Consultant.e (H/F) - Product & Industrial Cybersecurity
@ Wavestone | Puteaux, France
Information Security Analyst
@ StarCompliance | York, United Kingdom, Hybrid
Senior Cyber Security Analyst (IAM)
@ New York Power Authority | White Plains, US