Kimsuky Exploits BlueKeep RDP Vulnerability in New Malicious Campaign

Cybersecurity researchers have reported a new malicious campaign linked to the North Korean state-sponsored threat actor known as Kimsuky. This campaign exploits a patched vulnerability affecting Microsoft Remote Desktop Services to gain initial access. The activity has been named Larva-24005 by the AhnLab Security Intelligence Center (ASEC). The exploited vulnerability is known as BlueKeep. Systems in South Korea and Japan have been targeted.