Even with North Korea participating in the Olympics in the South Korean capital, North Korea has ramped up cyber activity over the last month. Specifically North Korean APT threat actors are utilizing DDE exploits in Phishing emails to attack unsuspecting computer users.
Just this week Jigsaw Security observed this exploit being utilized against South Korean assets, Government assets in a European country and targets in the United States.
Customers using Jigsaw Security Threat Intelligence can read more about these attacks on our blog. Other websites are reporting similar activity an our sightings of these messages are expanding. While Microsoft has released a patch for this vulnerability many of the attacks are successful because of poor patching practices.
MISP Events Related to Activity:
Customers using Jigsaw Security Threat Intelligence RPZ projected are not vulnerable to this issue and have been protected since at least November 2017 against this threat.