SecAI (@secai_ai)'s Twitter Profile
SecAI

@secai_ai

Innovative threat intelligence-driven and AI-powered company aiming at cyber threat detection and response.
šŸ¢ secai.ai
šŸ”Ž i.secai.ai/research

ID: 1783668584159621120

https://www.secai.ai/ 26-04-2024 01:25:15

316 Tweet

490 Followers

113 Following


The #Kimsuky #APT group used phishing sites to collect account credentials, but the sites have not been resolved to any IP addresses.
#IOC:
post.blogalarm.kro[.]kr
nid-info.checkmyblog.kro[.]kr
i.secai.ai/research/bloga…
i.secai.ai/research/check…

The #Kimsuky #APT group also registered other #phishing assets.
#IOC: 158.247.242[.]169
i.secai.ai/research/158.2…

New #phishing assets of the #Kimsuky #APT group:
#IOC:
158.247.192[.]105
ips-check.o-r[.]kr
i.secai.ai/research/158.2…
i.secai.ai/research/ips-c…

Looking forward to RSAConference 2025? Stop by booth #Booth N-6570 to meet our team and check out our TI-enriched and AI-driven cybersecurity solutions. You're just one step away from levelling up your security operation.
If you don't have a pass, don't worry! Here is the

🚀 The new version of SecAI is live!
We’ve made major upgrades to help you analyze IPs and domains more effectively:
✅ Clear Verdicts – Malicious, Suspicious, Unknown, or Benign — based on multi-source intelligence
🏷️ Multi-layered Labels – Threat types, malware linkage,

New #phishing assets of the #Kimsuky #APT group: #IOC: 
158.247.202[.]109
portiondoc.o-r[.]kr
i.secai.ai/research/158.2…
i.secai.ai/research/porti…

Recently, the #Konni #APT group has used a large number of #compromised websites to transmit information of infected hosts. 
ausbildungsbuddy[.]de
i.secai.ai/research/ausbi…
…absongkhla[.]com
i.secai.ai/research/abson…
beldy[.]ma
i.secai.ai/research/beldy…
go2kgstan[.]com

New #phishing assets of the #Kimsuky #APT group:

The #Konni #APT group uses the #compromised site holosformations[.]fr to download files.
C2: 49.12.47[.]155:443
i.secai.ai/research/holos…
i.secai.ai/research/49.12…
Hash: 869705fd4dd777d4ab5c662806b42fe43bff6b58e085a64804486326b35fee47  
It is related to #ChatGPT, uses an #AutoIt

New #phishing assets of #Kimsuky #APT group:

Just 1 more day to GISEC GLOBAL! Come find SecAI at Booth P48 to have a hands-on experience of faster, smarter threat investigations powered by AI.

Plus, try your luck at our onsite Lucky Draw! 🎁

See you then!

The #Konni #APT group used the #compromised site to download files.
#IOC: deliberatecollaboration[.]com
i.secai.ai/research/delib…

Day 2 at GISEC GLOBAL! Stop by Booth P48 to see why SecAI Investigator is making waves in Threat Intel. We're giving away 15-day Pro access codes—grab yours and see the power for yourself.


The #Kimsuky #APT group used the #BabyShark trojan to connect to its C2 server via a revoked TLS certificate.
#sha256: 8503a57fa9e3424cc1cb39f8cd15419840eaa73277e9fe383a1bebb518ef9ede(RemoteControl.dll)
#C2: first.pokerstarus.kro[.]kr
i.secai.ai/research/poker…
Domain resolved to IP

Last chance to meet us at GISEC GLOBAL! The SecAI Booth at P48 is open for one more day.
Find out how AI-powered threat intelligence can give your security team a critical edge.

See you there!

The #Konni #APT group used #compromised websites to deliver information.
#IOC:
bergaeroworks[.]co[.]za
sitisrlweb[.]com
seacura[.]com
i.secai.ai/research/berga…
i.secai.ai/research/sitis…
i.secai.ai/research/seacu…

The #Kimsuky #APT group conducted #phishing using a Korean domain that means "Ministry of the Interior and Safety notification."
#IOC:
27.102.138.155
행정안전부통지서.홈페이지.한국
블로그신고안내.메인.한국
i.secai.ai/research/27.10…
i.secai.ai/research/xn--o…
i.secai.ai/research/xn--2…

The #Konni #APT group used #compromised websites for command and control.
#IOC:
yukiicreatives[.]com
rayanlynch[.]com
i.secai.ai/research/yukii…
i.secai.ai/research/rayan…

New #phishing assets of the #Kimsuky #APT group:
#IOC:
141.164.56[.]44
taxdeliveryservice.kro[.]kr
userauthoritydoc.p-e[.]kr
i.secai.ai/research/141.1…
i.secai.ai/research/taxde…
i.secai.ai/research/usera…