Cert2Connect

The Updated APT Playbook Tales from the Kimsuky threat actor group

The Kimsuky threat actor group also known as Black Banshee or Thallium originates from North Korea and has been active since at least 2012 Kimsuky focuses primarily on intelligence gathering. Researchers believe Kimsuky is using CHM files which are delivered in several ways as part of an ISO|VHD|ZIP or RAR file. The reason they would use this approach is that such containers have the ability to pass the first line of defense and then the CHM file will be executed.
Overzicht

WILT U WETEN HOE DIT RISICO
UITGEBANNEN KAN WORDEN?

Wij helpen je graag. Indien gewenst geven we graag een presentatie of demo van onze oplossingsaanpak. Je vindt ons ook regelmatig op beurzen en events. Volg de evenementenpagina op deze site of meld je aan via de contactpagina voor onze nieuwsbrief.

Maak een afspraak