Kimsuky, the North Korean threat actor active since 2012, is still targeting the South Korean government. We take a look at the phishing infrastructure and command and control mechanisms of this APT.
The North Korean APT uses a clever technique to bypass security products by embedding one of its payloads as a BMP image.
A North Korean threat group has swapped the usual Hangul Office lures for a cleverly packed Office macro.
This post shines some light on a ‘gate’ belonging to the geo-targeted Magnitude exploit kit.