Cybersecurity analysts have identified a new harmful initiative associated with the North Korean state-backed threat entity referred to as Kimsuky, which takes advantage of a recently resolved flaw affecting Microsoft Remote Desktop Services to obtain initial entry.
This operation has been designated Larva-24005 by the AhnLab Security Intelligence Center (ASEC).
“In certain systems, initial entry was achieved through