{"id":17930,"date":"2020-03-17T20:35:18","date_gmt":"2020-03-18T04:35:18","guid":{"rendered":"http:\/\/www.palada.net\/index.php\/2020\/03\/17\/news-11663\/"},"modified":"2020-03-17T20:35:18","modified_gmt":"2020-03-18T04:35:18","slug":"news-11663","status":"publish","type":"post","link":"http:\/\/www.palada.net\/index.php\/2020\/03\/17\/news-11663\/","title":{"rendered":"VB2019 paper: Kimsuky group: tracking the king of the spear-phishing"},"content":{"rendered":"

In September 2013, Kaspersky<\/em> reported<\/a> a new APT group it dubbed \u2018Kimsuky\u2019, which it linked to North Korea. The group, whose interests include South Korean industry, journalists and North Korean defectors, continues to be active: recent activity was analysed by Yoroi<\/em> earlier this month<\/a>.<\/p>\n

Jaeki Kim. Kyoung-Ju Kwak and Min-Chang Jang from Financial Security Institute<\/em> have been tracking the group and its various spear-phishing activities for years. In a paper presented at VB2019 in London, they detailed the tools and activities used by this group, some of which they were able to analyse through OpSec failures by the group.<\/p>\n

\"Kimsuky-FigureThe flow of malware used in spear-phishing attacks.<\/span><\/p>\n

Today, we publish the researchers’ paper in both HTML<\/a> and PDF<\/a> format.<\/p>\n

\u00a0<\/p>\n

Are you tracking an APT group? Have you fought their targeting of your organisation? Why not submit a paper<\/a> for VB2020 in Dublin, Ireland, the deadline for which is Sunday 15 March.<\/strong><\/em><\/p>\n

outertext
https:\/\/www.virusbulletin.com\/rss<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"


In a paper presented at VB2019 in London, researchers fron the Financial Security Institute detailed the tools and activities used by the APT group ‘Kimsuky’, some of which they were able to analyse through OpSec failures by the group. Today, we publish their paper. <\/p>\n

Read more<\/a> <\/p>\n","protected":false},"author":4,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"colormag_page_container_layout":"default_layout","colormag_page_sidebar_layout":"default_layout","footnotes":""},"categories":[23177,10378,23176],"tags":[],"class_list":["post-17930","post","type-post","status-publish","format-standard","hentry","category-magazine","category-security","category-virusbulletin"],"_links":{"self":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/17930","targetHints":{"allow":["GET"]}}],"collection":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/comments?post=17930"}],"version-history":[{"count":0,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/17930\/revisions"}],"wp:attachment":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/media?parent=17930"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/categories?post=17930"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/tags?post=17930"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}