A new wave of targeted attacks on South Korean organizations contains multiple signs that the attacks are likely coming from the North. Kaspersky Lab exposed a cyberespionage campaign, dubbed Kimsuky, aimed at spying on and stealing information from South Korean think-tank organizations. South Korea has been hammered by several targeted attack campaigns in the past year, including the DarkSeoul DDoS and data-destruction attacks on major South Korean banks, media outlets, and other entities. Researchers say the source IP addresses are located in the Jilin Province Network and Liaoning Province Network in China.”]