Who is that stealing my credentials?
Research Saturday · N2K Networks
Audio is streamed directly from the publisher (pdst.fm) as published in their RSS feed. Play Podcasts does not host this file. Rights-holders can request removal through the copyright & takedown page.
Show Notes
Aleksandar Milenkoski from SentinelOne joins to discuss their work on "Kimsuky Strikes Again | New Social Engineering Campaign Aims to Steal Credentials and Gather Strategic Intelligence." Researchers have been tracking the North Korean APT group Kimsuky and their attempt at a social engineering campaign targeting experts in North Korean affairs.
The research states "The campaign has the objective of stealing Google and subscription credentials of a reputable news and analysis service focusing on North Korea, as well as delivering reconnaissance malware." Kimsuky has been tracked engaging in extensive email correspondence using spoofed URLs and extensive email correspondence, along with Office documents weaponized with the ReconShark malware.
The research can be found here:
Learn more about your ad choices. Visit megaphone.fm/adchoices