N. Korean Lazarus Group Targets Software Vendor Using Known Flaws

The North Korea-aligned Lazarus Group has been identified as instigating a new cyber campaign, compromising an unnamed software vendor by exploiting known security flaws in another high-profile software. The Russian cybersecurity firm Kaspersky indicated that this company had repeatedly been a victim of Lazarus attacks. The threat actor demonstrated a high level of cyber sophistication, using advanced evasion techniques and SIGNBT malware.