Security News > 2022 > December > North Korea hits new low by using Seoul Halloween tragedy to exploit Internet Explorer zero-day
North Korea has hit a new low, using the death of over 150 people to exploit a zero-day flaw in Internet Explorer.
South Korea declared a week of national mourning after the incident.
Because Office renders this HTML content using Internet Explorer.
Internet Explorer has of course been deprecated but is still present on many PCs. Quite possibly more PCs in South Korea than elsewhere given some of the nation's government websites relied on legacy Microsoft browser technologies until 2021.
North Korea stands accused of using cyber-ops to steal data, money, and whatever else it can get its hands on.
Far from atypical for North Korea's government, which those of you with a strong stomach can learn about in horrifying detail in this searing United Nations report that details the regime's excesses.
News URL
https://go.theregister.com/feed/www.theregister.com/2022/12/08/north_korea_seoul_tragedy_exploit/
Related news
- Officials warn of Russia's tech-for-troops deal with North Korea amid Ukraine conflict (source)
- Botnet exploits GeoVision zero-day to install Mirai malware (source)
- Mystery Palo Alto Networks hijack-my-firewall zero-day now officially under exploit (source)
- Chinese hackers exploit Fortinet VPN zero-day to steal credentials (source)
- RomCom Exploits Zero-Day Firefox and Windows Flaws in Sophisticated Cyberattacks (source)
- Mitel MiCollab zero-day flaw gets proof-of-concept exploit (source)
- Mitel MiCollab zero-day and PoC exploit unveiled (source)
- North Korea's fake IT worker scam hauled in at least $88M over six years (source)