A new warning from the US Federal Bureau of Investigation indicates that spearphishing tactics are being advanced by a cyber espionage group linked to North Korea known as Kimsuky, also known as APT43, in recent months.
As the threat actor has increasingly turned to QR code-based attacks as a means of infiltrating organizational networks, the threat actor is increasingly using QR code-based attacks.
There is an alert on the group’s use of a technique referred to as “quishing,” in which carefully crafted spearphishing emails include malicious URLs within QR codes, as opposed to links that are clickable directly in the emails.
By using mobile devices to scan the QR codes, recipients can bypass traditional email security gateways that are designed to identify and block suspicious URLs, thereby circumventing the problem.
As a result of this gap between enterprise email defenses and personal mobile use, Kimsuky exploits the resulting gap in security to stealthily harvest user credentials and session tokens, which increases the probability of unauthorized access while reducing the chance of early detection by the security team.
As a result of this campaign, concerns about the increasi
[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.
[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.
This article has been indexed from CySecurity News – Latest Information Security and Hacking Incidents
Read the original article: