December 2025 APT Group Trends
Key APT Group Trends by Region 1) North Korea North Korean state‑sponsored threat groups have increasingly relied on fake IT employment schemes, actively exploiting legitimate hiring platforms and fabricated identities to infiltrate corporate environments. These actors frequently take advantage of remote‑work infrastructures to obtain elevated access and
September 2025 APT Group Trends
Trends of Key APT Groups by Region 1) North Korea North Korea-linked APT groups have been intensively carrying out advanced spear-phishing and remote access attacks against the defense, military, and cryptocurrency sectors in South Korea. They have also introduced a new psychological deception technique using generative AI and
July 2025 Major APT Group Trends
Purpose and Scope This report covers nation-led threat groups, presumed to conduct cyber espionage or sabotage supported by certain governments. These groups are referred to as advanced persistent threat (APT) groups for the sake of convenience. Therefore, this report does not contain information on cybercriminal groups aiming to gain financial
Threat Trend Report on APT Groups
The following are the main APT groups and their cases based on the analysis reports released by security companies and organizations in January 2025. 1. Andariel The Andariel group has executed an attack using the RID Hijacking technique to escalate account privileges and create hidden accounts.[1] RID Hijacking
Threat Trend Report on APT Groups – July 2024 Major Issues on APT Groups
Purpose and Scope This report covers nation-led threat groups presumed to conduct cyber espionage or sabotage under the support of the governments of certain countries, referred to as “Advanced Persistent Threat (APT) groups” for the sake of convenience. Therefore, this report does not contain information on cybercriminal groups aiming
Threat Trend Report on APT Groups – April 2024 Major Issues on APT Groups
The cases of major APT groups for April 2024 gathered from materials made public by security companies and institutions are as follows. 1) APT28 (Forest Blizzard) Microsoft Threat Intelligence released the results of the investigation on the activities of APT28, a Russia-based threat actor.[1] This group has been
