Lazarus group was spotted exploiting flaws in unnamed software to gain access to a South Korean finance firm twice last year.
The North Korea-linked group had infiltrated the affected company in May 2022 and again in October through the same software’s zero-day vulnerability, according to a research by AhnLab Security Emergency Response Center (ASEC).
ASEC reported the software in question to the Korean Internet and Security Agency since the vulnerability has not been fully verified yet and a software patch has not been released. The report therefore does not name the affected software.
To read this article in full, please click here