Google’s Threat Analysis Group (TAG) reported that North Korea actively exploited a zero-day vulnerability in Internet Explorer in October 2022. The attack was targeted at South Korean users. It was carried out by injecting malware into documents related to the recent mass stampede in Seoul during the Halloween celebration.
The attack is believed to be the work of APT37, a group backed by the North Korean government. The group has previously used similar Internet Explorer zero-day exploits in targeted attacks against North Korean defectors, politicians, journalists, human rights activists, and South Korean IE users.
EXCEL FOR BUSINESS
Master Excel in just 1.5 months and increase the efficiency of business processes in your company.
Microsoft reported the vulnerability within hours of its discovery on October 31, and the company patched the vulnerability on November 8.
Source: The Verge