EU sanctioned the leader of North Korea-linked APT groups

The European Union sanctioned the leader of North Korea-linked APT groups for aiding Russia in its war against Ukraine.

The European Union announced sanctions against entities aiding Russia in the ongoing conflict with Ukraine, including Lee Chang Ho, who is the leader of North Korea-linked APT groups.

Lee Chang Ho coordinated North Korean soldiers in Ukraine and led North Korea-linked APT groups like Lazarus and Kimsuky, supporting actions against Ukraine’s independence.

“Lee Chang Ho coordinated North Korean soldiers deployed on the battlefield in Ukraine, who may have been given tasks related to irregular guerrilla warfare,” reads the announcement published by the EU. “Thus, he was involved in the participation of North Korean soldiers in the war against Ukraine. He has led cyber-attack units such as Lazarus and Kim Suki. Therefore, Lee Chang Ho is responsible for supporting and implementing actions which undermine the independence of Ukraine.”

Lee Chang Ho is a Lieutenant General of the Korean People’s Army and the Director of North Korea’s Reconnaissance General Bureau.

The Reconnaissance General Bureau (RGB) is North Korea’s primary intelligence agency responsible for clandestine operations, cyber warfare, espionage, and military intelligence. It oversees North Korea’s elite hacker groups, such as Lazarus Group, APT38, and Kimsuky, which conduct cyberattacks, financial theft, and espionage worldwide. The RGB is also involved in covert military operations, including special forces training and overseas intelligence activities. Multiple countries have sanctioned RGB for its role in cybercrime, espionage, and support for North Korea’s military objectives.

Most sanctioned entities are Russian; however, the EU also issued sanctions against Chinese and North Korean nationals.

Recently, crypto exchange Bybit suffered a sophisticated cyberattack in which threat actors transferred over 400,000 ETH and stETH, worth more than $1.5 billion, to an unidentified address.

The Bybit hack is the largest cryptocurrency heist ever, surpassing previous ones like Ronin Network ($625M), Poly Network ($611M), and BNB Bridge ($566M).

Bybit’s ETH cold wallet was compromised in an attack that masked the signing interface, allowing threat actors to redirect funds to an unknown address.

Blockchain cybersecurity firm Elliptic attributed the cyber heist to the notorious North Korea-linked APT Group Lazarus.

Pierluigi Paganini

(SecurityAffairs – hacking, North Korea)