North Korean APT Activity Higher during Olympics

Even with North Korea participating in the Olympics in the South Korean capital, North Korea has ramped up cyber activity over the last month. Specifically North Korean APT threat actors are utilizing DDE exploits in Phishing emails to attack unsuspecting computer users.

Just this week Jigsaw Security observed this exploit being utilized against South Korean assets, Government assets in a European country and targets in the United States.

Customers using Jigsaw Security Threat Intelligence can read more about these attacks on our blog. Other websites are reporting similar activity an our sightings of these messages are expanding. While Microsoft has released a patch for this vulnerability many of the attacks are successful because of poor patching practices.

MISP Events Related to Activity:

MISP Event 24538

MISP Event 4028

Customers using Jigsaw Security Threat Intelligence RPZ projected are not vulnerable to this issue and have been protected since at least November 2017 against this threat.

#NorthKorea #Phishing


Contact: (800)447-2150 Ext. 1        To contact Jigsaw simply send a message in our chat window!

  • Facebook - Black Circle
  • Twitter - Black Circle

© 2017-2018 Jigsaw Security Enterprise Inc.

Jigsaw Security Enterprise Inc is a SDVOSB - Service Connected Disabled Veteran Owned Small Business Jigsaw Security is an operator of WIMAX networks and is operating under license WQVC235 as a common carrier, non-common carrier and private communications operator. Jigsaw Security operates cable and satellite services. Courses may be provided by a third party authorized training partner in some cases. Some training is only available for cleared and US Citizens. Courses approved by the North Carolina Department of Public Safety Private Protective Services Board for licensing and CE credits. JPM program insurance is provided by an authorized Jigsaw Security Insurance Partner and is not underwritten by Jigsaw Security. For insurance information please contact our JPM program manager. Jigsaw Security operates a network through our NCBroadband brand.