North Korean APT Kimsuky aka Black Banshee – Active IOCs

2024-11-01 Rewterz

https://www.rewterz.com/threat-advisory/north-korean-apt-kimsuky-aka-black-banshee-active-iocs-37051


Kimsuky, also tracked as Black Banshee, is described in the advisory as a North Korean espionage group active since at least 2012 that targets organizations and individuals in South Korea, Japan, and the United States. The advisory lists phishing, malware infection, supply chain compromise, lateral movement, and data exfiltration as recurring TTPs. It highlights the group's 2022 Android targeting through FastFire, FastViewer, and FastSpy, including the use of Firebase for command and control and Androspy-based modifications to steal device information from South Korean targets. It also notes ReconShark, an evolution of BabyShark, as reconnaissance malware used in a 2023 global cyberespionage campaign, with the domain radiofreeasia.blog and several file hashes provided as IOCs.

Indicators of Compromise

Type   Value                              First Seen   Last Seen
HASH   67495e04457f66065470ab96c88d55e…   2024-11-01   2024-11-01
HASH   ae4dc41b8f5664b5aef5d82be55624d…   2024-11-01   2024-11-01
HASH   f1b542971711bf229d02f5e385225a8d   2024-09-05   2024-11-01
IPv4   79.133.56.173                      2024-09-05   2024-11-01

Note: the first two hash values appear truncated on the source page, and the advisory does not state the hash algorithm (the one complete value is 32 hex digits, the length of an MD5). Truncated values can only be prefix-matched and should be confirmed against the full hash before being used for blocking or attribution.
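As an added check (example code written for this page, not Rewterz's tooling or anything from the advisory), the script below parses the IOC rows as printed, treats the two truncated hashes as prefix-only indicators that can yield only low-confidence hits, and runs the indicators over constructed file-hash and log samples. The file paths, log lines, and non-IOC hashes are assumptions made for illustration.

```python
"""Check host and network artifacts against the IOCs in this advisory.

Added example, not code from Rewterz or the advisory. The IOC values are
copied from the table above; everything else (sample file hashes and log
lines) is constructed for illustration.
"""
import re
from dataclasses import dataclass

# IOC rows exactly as the advisory prints them. Two hashes are truncated
# with "…" on the page, and the hash algorithm is not stated (the one
# complete value is 32 hex digits, the length of an MD5).
IOCS = [
    ("HASH", "67495e04457f66065470ab96c88d55e…"),
    ("HASH", "ae4dc41b8f5664b5aef5d82be55624d…"),
    ("HASH", "f1b542971711bf229d02f5e385225a8d"),
    ("IPv4", "79.133.56.173"),
]


@dataclass(frozen=True)
class HashIndicator:
    value: str       # lowercase hex with any trailing "…" removed
    truncated: bool  # True when the advisory only printed a prefix


def parse_iocs(rows):
    """Split advisory rows into hash indicators and a set of IPv4 strings."""
    hashes, ips = [], set()
    for ioc_type, value in rows:
        if ioc_type == "HASH":
            hexpart = value.rstrip("….").lower()   # strip "…" or "..."
            if not re.fullmatch(r"[0-9a-f]+", hexpart):
                raise ValueError(f"malformed hash IOC: {value!r}")
            hashes.append(HashIndicator(hexpart, hexpart != value.lower()))
        elif ioc_type == "IPv4":
            ips.add(value)
    return hashes, ips


def match_hash(digest, hashes):
    """Return ("high", ioc) for an exact match, ("low", ioc) for a prefix
    match on a truncated IOC, or None. A prefix hit is a lead, not a
    confirmation: obtain the full hash before acting on it."""
    d = digest.strip().lower()
    for ind in hashes:
        if not ind.truncated and d == ind.value:
            return ("high", ind.value)
        if ind.truncated and d.startswith(ind.value):
            return ("low", ind.value)
    return None


# Dotted quad not embedded in a longer digit/dot run.
IP_RE = re.compile(r"(?<![\d.])(?:\d{1,3}\.){3}\d{1,3}(?![\d.])")


def scan_logs(lines, ips):
    """Return (line_number, ip) for each log line mentioning an IOC address."""
    hits = []
    for n, line in enumerate(lines, 1):
        for ip in IP_RE.findall(line):
            if ip in ips:
                hits.append((n, ip))
    return hits


def scan_hashes(samples, hashes):
    """samples: iterable of (path, hex_digest). Returns (path, confidence, ioc)."""
    hits = []
    for path, digest in samples:
        m = match_hash(digest, hashes)
        if m:
            hits.append((path, m[0], m[1]))
    return hits


# Constructed inputs (assumed paths, digests and log lines), not from any real host.
SAMPLE_HASHES = [
    ("C:\\Users\\u\\AppData\\Local\\Temp\\a.exe", "F1B542971711BF229D02F5E385225A8D"),
    ("C:\\Users\\u\\Downloads\\b.exe", "67495e04457f66065470ab96c88d55e0"),
    ("C:\\Windows\\System32\\notepad.exe", "0123456789abcdef0123456789abcdef"),
]
SAMPLE_LOGS = [
    "2024-11-02T10:14:03Z fw src=10.0.0.5 dst=79.133.56.173 dport=443 action=allow",
    "2024-11-02T10:14:09Z fw src=10.0.0.5 dst=203.0.113.8 dport=443 action=allow",
    "2024-11-02T10:15:41Z proxy 10.0.0.7 GET http://79.133.56.173/ 200",
]

if __name__ == "__main__":
    hashes, ips = parse_iocs(IOCS)
    for hit in scan_hashes(SAMPLE_HASHES, hashes):
        print("hash hit:", hit)
    for hit in scan_logs(SAMPLE_LOGS, ips):
        print("network hit:", hit)
```

Against the constructed samples the full hash produces a high-confidence hit, the 31-digit prefix produces a low-confidence hit that still needs the complete value from the vendor, and the IP is flagged on both the firewall and proxy lines. Replace the sample lists with real EDR hash inventories and exported firewall or proxy logs to run it for real.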
