U.S. government agencies, including the NSA and FBI, have issued a joint advisory warning about a North Korean hacking group known as Kimsuky. This group is reportedly exploiting poorly configured email servers to launch spearphishing attacks targeting academic institutions, think tanks, journalists, and nonprofit organizations. The hackers are using sophisticated tactics such as email spoofing, where they disguise their emails to appear as if they are from legitimate, trusted sources, including spoofing journalist emails to spy on policy experts. The advisory urges organizations to secure their email systems against these tactics, specifically highlighting the need to block a 'Reply-to' exploit used by the hackers and new tactics to bypass email security.
