Security News > 2023 > November > UK and South Korea: Hackers use zero-day in supply-chain attack
The attack started with compromising a media outlet's website to embed malicious scripts into an article, allowing for a 'watering hole' attack.
State-backed North Korean hacking operations consistently rely on supply chain attacks and the exploitation of zero-day vulnerabilities as part of their cyber warfare tactics.
In March 2023, it was discovered that "Labyrinth Chollima," a subgroup of Lazarus, conducted a supply chain attack against VoIP software maker 3CX to breach multiple high-profile companies worldwide.
Last Friday, Microsoft disclosed a supply chain attack on CyberLink that the Lazarus hacking group used to distribute trojanized, digitally-signed CyberLink installers to infect at least a hundred computers with the 'LambLoad' malware.
Microsoft: Lazarus hackers breach CyberLink in supply chain attack.
Google: Hackers exploited Zimbra zero-day in attacks on govt orgs.
News URL
Related news
- North Korea targets crypto developers via NPM supply chain attack (source)
- It's only a matter of time before LLMs jump start supply-chain attacks (source)
- Chinese hackers targeted sanctions office in Treasury attack (source)
- Ivanti warns of new Connect Secure flaw used in zero-day attacks (source)
- Ivanti zero-day attacks infected devices with custom malware (source)
- UK domain registry Nominet confirms breach via Ivanti zero-day (source)
- Hackers exploit critical Aviatrix Controller RCE flaw in attacks (source)
- UK domain registry Nominet breached via Ivanti zero-day (source)
- Fortinet Warns of New Zero-Day Used in Attacks on Firewalls with Exposed Interfaces (source)
- Hackers use FastHTTP in new high-speed Microsoft 365 password attacks (source)