South Korean Companies Targeted by Lazarus via Watering Hole Attacks, Zero-Days - SecurityWeek

At least six South Korean organizations across various industries were targeted in a recent campaign by the North Korean APT Lazarus, dubbed Operation SyncHole. The campaign combined watering hole attacks with the exploitation of vulnerabilities in software commonly used by South Korean companies, including Cross EX and Innorix Agent. Kaspersky identified the malware used in the attacks and notified KrCERT, leading to the release of patches for the exploited bugs.