A North Korean APT group is thought to be behind a attack on the South Korean atomic energy research institute, KAERI. The intrusion took place last month, on May 14 to be exact, through a vulnerability in a virtual private network (VPN) server. The name of the VPN vendor is being kept secret. A VPN or gateway is always a likely target, especially if it has a cybercriminal cyber-espionage group, like Kimsuky. There are a lot of known vulnerabilities in the running. Many of them are years old and many are known to be used in the wild.”]