"Today, a DPRK state-affiliated group access to one of our developer’s private keys" published by Seedify. #Seedify, #DPRK, #CTI https://archive.is/IR7ak

"김수키(Kimsuky) 추정 국방대학교 안보정책학부 교수를 노린 주한 중화인민공화국 대사관 무관부 사칭 악성코드" published by Sakai. #Kimsuky, #LNK, #DPRK, #CTI https://wezard4u.tistory.com/429603

"In-Depth Analysis of the APT Down - The North Korea Files leak" published by ENKI. #APTDown, #Kimsuky, #DPRK, #CTI https://www.enki.co.kr/en/media-center/blog/in-depth-analysis-of-the-apt-down-the-north-korea-files-leak

"Larva-25004 추적 보고서" published by Ahnlab. #CJOliveNetworks, #Kimsuky, #Larva-25004, #DPRK, #CTI https://asec.ahnlab.com/ko/90292/

"APT Down - The North Korea Files 공개 자료 상세 분석 보고서" published by ENKI. #APTDown, #Kimsuky, #DPRK, #CTI https://www.enki.co.kr/media-center/blog/in-depth-analysis-of-the-apt-down-the-north-korea-files-leak

"김수키(Kimsuky)에서 만든 피싱 메일-2024년 귀속 종합소득세 가산세 안내(2025.9.16)" published by Sakai. #Kimsuky, #Phishing, #DPRK, #CTI https://wezard4u.tistory.com/429601

"성범죄자 고지 정보를 위장한 Kimsuky 공격" published by Logpresso. #Kimsuky, #LNK, #DPRK, #CTI https://logpresso.com/ko/blog/2025-09-18-Kimsuky-Attack

"BeaverTail variant distributed via malicious repositories and ClickFix lure" published by Gitlab. #BeaverTail, #ClickFix, #DPRK, #CTI https://gitlab-com.gitlab.io/gl-security/security-tech-notes/threat-intelligence-tech-notes/north-korean-malware-sept-2025/

"김수키(Kimsuky)삼성전자 미팅 관련 으로 제작 악성코드(2025.9.11)" published by Sakai. #Kimsuky, #LNK, #DPRK, #CTI https://wezard4u.tistory.com/429599

"북한 김수키(Kimsuky)에서 제작한 악성코드-ofx.txt(2025.6.11)" published by Sakai. #Kimsuky, #DPRK, #CTI https://wezard4u.tistory.com/429598

"AI-Driven Deepfake Military ID Fraud Campaign by Kimsuky APT" published by Genians. #Deepfake, #Kimsuky, #ClickFix, #Phishing, #DPRK, #CTI https://www.genians.co.kr/en/blog/threat_intelligence/deepfake

"AI 딥페이크 기반 군 공무원증 위조 김수키 APT 캠페인" published by Genians. #Deepfake, #Kimsuky, #ClickFix, #Phishing, #DPRK, #CTI https://www.genians.co.kr/blog/threat_intelligence/deepfake

"The Phrack leak: Examining an APT’s workstation" published by Intel471. #APTDown, #Kimsuky, #DPRK, #CTI https://www.intel471.com/blog/the-phrack-leak-examining-an-apts-workstation

"2025년 8월 APT 공격 동향 보고서(국내)" published by Ahnlab. #LNK, #Phishing, #DPRK, #CTI https://asec.ahnlab.com/ko/90103/

"2025년 8월 APT 그룹 동향 보고서" published by Ahnlab. #Kimsuky, #Trend, #DPRK, #CTI https://asec.ahnlab.com/ko/90082/

"김수키(Kimsuky) 에서 제작한 악성코드-현대 데이터 복구 및 절차 수립" published by Sakai. #Kimsuky, #LNK, #DPRK, #CTI https://wezard4u.tistory.com/429595

"Lazarus Group Attacks in 2025: Overview for SOC Teams" published by AnyRun. #ContagiousInterview, #ITWorker, #InvisibleFerret, #Lazarus, #OtterCookie, #PylangGhost, #DPRK, #CTI https://any.run/cybersecurity-blog/lazarus-group-attacks-2025/

"Kimsuky’s Use of GitHub for Malware Delivery and Exfiltration" published by S2W. #Kimsuky, #LNK, #DPRK, #CTI https://s2w.inc/en/resource/detail/920

"Kimsuky그룹의 GitHub 기반 악성코드 유포 및 정보 탈취 정황" published by S2W. #Kimsuky, #LNK, #DPRK, #CTI https://s2w.inc/ko/resource/detail/920

"APT37: Rust Backdoor & Python Loader" published by Zscaler. #APT37, #Chinotto, #Rustonotto, #DPRK, #CTI https://www.zscaler.com/blogs/security-research/apt37-targets-windows-rust-backdoor-and-python-loader

"김수키(Kimsuky)에서 만든 피싱 메일-[국세청] 9월 신고 납부 기한 통지서(2025.8.25)" published by Sakai. #Kimsuky, #Phishing, #DPRK, #CTI https://wezard4u.tistory.com/429590

"A Glimpse Behind the Curtain: Unmasking Kimsuky’s Threat Actor Operations, Infrastructure, and Capabilities" published by FalconFeeds. #APTDown, #Kimsuky, #DPRK, #CTI https://falconfeeds.io/blogs/kimsuky-threat-actor-operations-infrastructure-capabilities

"Lazarus Group (APT38) Targets Crypto Sector with Sophisticated Phishing Campaign" published by Kucoin. #APT38, #CVE-2025-48384, #DPRK, #CTI https://www.kucoin.com/zh-hant/blog/en-breaking-lazarus-group-apt38-targets-crypto-sector-with-sophisticated-phishing-campaign

"Inside the Kimsuky Leak: How the “Kim” Dump Exposed North Korea’s Credential Theft Playbook" published by Domaintools. #APTDown, #Kimsuky, #DPRK, #CTI https://dti.domaintools.com/inside-the-kimsuky-leak-how-the-kim-dump-exposed-north-koreas-credential-theft-playbook/

"Bells Ringing in Dar es Salaam" published by ChollimaGroup. #BABYLONGROUP, #DPRK, #CTI https://chollima-group.io/posts/bells-ringing-in-dar-es-salaam

"Monthly Threat Actor Group Intelligence Report, August 2025" published by NSHC. #SectorA, #Trend, #DPRK, #CTI https://medium.com/@nshcthreatrecon/monthly-threat-actor-group-intelligence-report-august-2025-21c666e7e23b

"North Korean Threat Actors Reveal Plans and Ops by Abusing Cyber Intel Platforms" published by SentinelOne. #ClickFix, #ContagiousInterview, #DPRK, #CTI https://www.sentinelone.com/labs/contagious-interview-threat-actors-scout-cyber-intel-platforms-reveal-plans-and-ops/

"김수키(Kimsuky) 외교광장.ps1 악성코드 분석 및 보안 수칙 ESET 탐지 PowerShell/Kimsuky.AX" published by Sakai. #Kimsuky, #DPRK, #CTI https://wezard4u.tistory.com/429586

"Three Lazarus RATs coming for your cheese" published by Foxit. #Lazarus, #PondRAT, #RemotePE, #ThemeForestRAT, #DPRK, #CTI https://blog.fox-it.com/2025/09/01/three-lazarus-rats-coming-for-your-cheese/

"아동복지 기부금 사칭 악성코드 주의보 김수키(Kimsuky) 소행 분석" published by Sakai. #Kimsuky, #LNK, #DPRK, #CTI https://wezard4u.tistory.com/429584

"Unboxing the Arirang 182 – A North Korean Feature Phone" published by NKInternet. #DPRK, #CTI https://nkinternet.com/2025/08/31/unboxing-the-arirang-182-a-north-korean-feature-phone/

"국내 IP에서 유포된 PureCrypter 적용 Formbook 페이로드 분석" published by ENKI. #Kimsuky, #DPRK, #CTI https://www.enki.co.kr/media-center/blog/analysis-of-formbook-payload-loaded-by-purecrypter-distributed-from-south-korean-ip

"북한 김수키(Kimsuky) 한미 군사 동맹 주제로 만든 악성코드-Update Schedule_INVITATION - 250625 UNC Ambassador_s Roundtable.zip(2025.6.11)" published by Sakai. #Kimsuky, #LNK, #DPRK, #CTI https://wezard4u.tistory.com/429583

"Operation HanKook Phantom: APT37 Spear-Phishing Campaign" published by Seqrite. #APT37, #LNK, #RokRAT, #DPRK, #CTI https://www.seqrite.com/blog/operation-hankook-phantom-north-korean-apt37-targeting-south-korea/

"July 24th - Security incident post-mortem" published by WooX. #UNC4899, #WooX, #DPRK, #CTI https://woox.io/blog/july-24th-security-incident-post-mortem

"DPRK IT WORKERS UNVEILED" published by RakeshKrish. #ITWorker, #DPRK, #CTI https://theravenfile.com/2025/08/28/dprk-it-workers-unveiled/

"故障修复之下的陷阱：Lazarus（APT-Q-1）近期利用 ClickFix 手法的攻击分析" published by Qianxin. #APT-Q-1, #ClickFix, #DPRK, #CTI https://mp.weixin.qq.com/s?__biz=MzI2MDc2MDA4OA==&mid=2247515797&idx=1&sn=63eb2627f65397d704d187273c6cdce4&chksm=ea6649e2dd11c0f497ca57cf52676a9a764f28e587017e14fc850034ca8518c9f4ef46219824

"Detecting and countering misuse of AI: August 2025" published by Anthropic. #ITWorker, #ContagiousInterview, #FamousChollima, #DPRK, #CTI https://www.anthropic.com/news/detecting-countering-misuse-aug-2025

"OFAC Sanctions Fraud Network Funding DPRK Weapons Programs" published by Chainalysis. #ITWorker, #Sanctions, #DPRK, #CTI https://www.chainalysis.com/blog/ofac-sanctions-fraud-network-funding-dprk-weapons-program/

"Treasury Sanctions Fraud Network Funding DPRK Weapons Programs" published by USTreasury. #ITWorker, #News, #Sanctions, #DPRK, #CTI https://home.treasury.gov/news/press-releases/sb0230

"Joint Statement on North Korean Information Technology Workers" published by KRMOFA. #ITWorker, #News, #DPRK, #CTI https://www.mofa.go.kr/www/brd/m_4080/view.do?seq=376343

"Dubai, Crypto, Moonstone Sleet, and the Pivot Odyssey" published by ChollimaGroup. #BABYLONGROUP, #MoonstoneSleet, #DPRK, #CTI https://chollima-group.io/posts/dubai-crypto-moonstonesleet-pivot-odyssey

"국가 핵심망, 다 뚫렸다. 북한 해커의 놀이터가 된 한국 [OSINT 전문가 대담 2-2]" published by CriminalIP. #Kimsuky, #Youtube, #APTDown, #DPRK, #CTI https://www.youtube.com/watch?v=aekWKbhCLiA

"Kimsuky APT Data Leak: Inside DPRK Cyber Espionage Tools" published by Foresiet. #Kimsuky, #DPRK, #CTI https://foresiet.com/blog/kimsuky-apt-data-leak/

"Bybit exploit six months on: Novel laundering tactics, techniques and procedures and the looming threat of DPRK" published by Elliptic. #Bybit, #MoneyLaundering, #DPRK, #CTI https://www.elliptic.co/blog/bybit-exploit-six-months-on

"Uncovering the Chinese Proxy Service Used in APT Campaigns" published by Spur. #Kimsuky, #DPRK, #CTI https://spur.us/how-spur-uncovered-a-chinese-proxy-and-vpn-service-used-in-an-apt-campaign/

"2025년 7월 APT 그룹 동향 보고서" published by Ahnlab. #ClickFix, #HappyDoor, #Kimsuky, #Lazarus, #DPRK, #CTI https://asec.ahnlab.com/ko/89771/

"Detailed Analysis of Phrack’s APT Down: The North Korea Files" published by S2W. #Kimsuky, #DPRK, #CTI https://s2w.inc/en/resource/detail/908

"APT-Down Revisited: 국가지원해킹그룹 해킹자료 분석 및 시사점" published by KUSecurity. #Kimsuky, #DPRK, #CTI https://security.korea.ac.kr/m06_07/292

"북한 해킹 단체 APT37(리퍼,Reaper)에서 만든 RokRAT 악성코드-북한이탈 주민의 성공적인 남한정착을 위한 아카데미 운영.lnk(2025.7.21)" published by Sakai. #APT37, #LNK, #RokRAT, #DPRK, #CTI https://wezard4u.tistory.com/429575