Researchers Detect New Kimsuky Campaign Exploiting RDP Flaw

Researchers have detected a new campaign by the North Korea-linked group Kimsuky, exploiting a patched vulnerability in Microsoft Remote Desktop (RDP) services to gain initial access. Researchers from the AhnLab Security Intelligence Center (ASEC) discovered this campaign, named Larva-24005, during the investigation of a security breach. The attackers exploited an RDP vulnerability to access target systems in South Korea and Japan.