Security News > 2022 > December > North Korea hits new low by using Seoul Halloween tragedy to exploit Internet Explorer zero-day
North Korea has hit a new low, using the death of over 150 people to exploit a zero-day flaw in Internet Explorer.
South Korea declared a week of national mourning after the incident.
Because Office renders this HTML content using Internet Explorer.
Internet Explorer has of course been deprecated but is still present on many PCs. Quite possibly more PCs in South Korea than elsewhere given some of the nation's government websites relied on legacy Microsoft browser technologies until 2021.
North Korea stands accused of using cyber-ops to steal data, money, and whatever else it can get its hands on.
Far from atypical for North Korea's government, which those of you with a strong stomach can learn about in horrifying detail in this searing United Nations report that details the regime's excesses.
News URL
https://go.theregister.com/feed/www.theregister.com/2022/12/08/north_korea_seoul_tragedy_exploit/
Related news
- North Korea’s fake tech workers now targeting European employers (source)
- PipeMagic Trojan Exploits Windows Zero-Day Vulnerability to Deploy Ransomware (source)
- ⚡ Weekly Recap: iOS Zero-Days, 4Chan Breach, NTLM Exploits, WhatsApp Spyware & More (source)
- Kimsuky Exploits BlueKeep RDP Vulnerability to Breach Systems in South Korea and Japan (source)
- Craft CMS RCE exploit chain used in zero-day attacks to steal data (source)
- Enterprise tech dominates zero-day exploits with no signs of slowdown (source)
- ⚡ Weekly Recap: Zero-Day Exploits, Developer Malware, IoT Botnets, and AI-Powered Scams (source)
- North Korea ramps up cyberspying in Ukraine to assess war risk (source)
- Xinbi Telegram Market Tied to $8.4B in Crypto Crime, Romance Scams, North Korea Laundering (source)
- Hackers exploit VMware ESXi, Microsoft SharePoint zero-days at Pwn2Own (source)