Lazarus Group Hacks South Korean Financial Entity via Zero-Day Vulnerability

Over the past year, the Lazarus Group has used flaws in an undisclosed software product to breach a financial business entity in South Korea on two distinct occasions. Unlike the first attack in May 2022, the re-infiltration in October 2022 exploited a zero-day vulnerability in the same certificate software, which is widely used by public institutions and universities. After gaining an initial foothold through a Bring Your Own Vulnerable Driver (BYOVD) attack, the APT abused the zero-day vulnerability to perform lateral movement.

Read full article on Heimdal Security Blog

 

