Lazarus Group Leverages Zero-Day Vulnerability in Supply Chain Attack
The National Cyber Security Center (NCSC) and Korea's National Intelligence
Service (NIS) have jointly issued a warning about a sophisticated cyberattack
executed by the North Korea-linked Lazarus hacking group.
The attack utilized a zero-day vulnerability in MagicLine4NX software, commonly
used for digital authentication and transactions.
Exploiting Software Vulnerabilities
As outlined in the joint advisory
[https://eng.nis.go.kr/ECM/1_3_1_1.do?seq=83¤tPage=1], "In March 2023,
cyber act