Lazarus Group Exploits Zero-Day Vulnerability to Hack South Korean Financial Entity

[MuzzMelbourne]

Content source

https://thehackernews.com/2023/03/lazarus-group-exploits-zero-day.html

he North Korea-linked Lazarus Group has been observed weaponizing flaws in an undisclosed software to breach a financial business entity in South Korea twice within a span of a year.

While the first attack in May 2022 entailed the use of a vulnerable version of a certificate software that's widely used by public institutions and universities, the re-infiltration in October 2022 involved the exploitation of a zero-day in the same program.

Lazarus Group Exploits Zero-Day Vulnerability to Hack South Korean Financial Entity

The Lazarus Group has breached a South Korean financial business entity twice within a year, exploiting flaws in an undisclosed software.

thehackernews.com