Kimsuky | Ongoing Campaign Using Tailored Reconnaissance Toolkit
May 23, 2023, 11:31 a.m. | MalBot
Malware Analysis, News and Indicators - Latest topics malware.news
By Aleksandar Milenkoski and Tom Hegel
Executive Summary
- SentinelLabs has observed an ongoing campaign by Kimsuky, a North Korean APT group, targeting North Korea-focused information services, human rights activists, and DPRK-defector support organizations.
- The campaign focuses on file reconnaissance and information exfiltration using a variant of the RandomQuery malware, enabling subsequent precision attacks.
- Kimsuky distributes RandomQuery using Microsoft Compiled HTML Help (CHM) files, their long-running tactic for delivering diverse sets of malware.
- Kimsuky strategically employs new TLDs and domain names …