Attacks leveraging PowerShell and Dropbox have been deployed by North Korean state-backed advanced persistent threat operation Kimsuky against South Korean government, business, and cryptocurrency firms as part of the DEEP#DRIVE campaign, which may have been ongoing since September, The Hacker News reports.
Threat cluster REF7707 has compromised a South American country's foreign ministry and a Southeast Asian university and telecommunications organization in intrusions involving the new FINALDRAFT malware, reports The Hacker News.