Lazarus Hits 6 South Korean Firms via Cross EX, Innorix Flaws and ThreatNeedle Malware

Lazarus Hits 6 South Korean Firms via Cross EX, Innorix Flaws and ThreatNeedle Malware

At least six organizations in South Korea have been targeted by the prolific North Korea-linked Lazarus Group as part of a campaign dubbed Operation SyncHole. The activity targeted South Korea's software, IT, financial, semiconductor manufacturing, and telecommunications industries, according to a report from Kaspersky published today. The earliest evidence of compromise was first detected in

Kaspersky uncovers new Lazarus-led supply chain cyberattacks in South Korea | CXO Insight Middle East

Kaspersky’s GReAT team has uncovered a sophisticated new Lazarus campaign, combining a watering hole attack with the exploitation of vulnerabilities in third-party software to target organisations in South Korea. During the research, company experts have also discovered a zero-day vulnerability in the widely used South Korean software Innorix Agent, which was promptly patched. Revealed during GITEX Asia, the findings highlight how Lazarus, lever…

Kaspersky's Global Research and Analysis Team (GREAT) has uncovered a new advanced campaign signed by Lazarus, combining a watering hole attack and the exploitation of vulnerabilities in third-party software to target organizations in South Korea. During their research, the company's experts also discovered a zero-day vulnerability in the widely used South Korean software Innorix Agent, which was quickly corrected. Unveiled at GITEX Asia, these …