APT trends report Q3 2024
2024-11-28 • Kaspersky
Kaspersky’s Q3 2024 APT roundup highlights several espionage campaigns, including the P8 framework used against Vietnamese financial and real estate victims, the compromise of secure USB drives, and multiple Chinese-speaking clusters. P8 is described as a plugin-based post-exploitation framework that loads most components from C2 into memory, supports lateral movement and exfiltration, and was likely developed from the open-source C2Implant project. Other sections cover spear-phishing and loader chains tied to ExCone/DexCone-related activity, Scieron backdoor deployments using machine-specific decoders, and Awaken Likho’s continued use of UltraVNC, AutoIT scripts, Themida, and MeshAgent against government-linked targets. The excerpt does not provide North Korea, Lazarus, Kimsuky, Andariel, APT37, or APT38 attribution for these campaigns.