Hacking group also used an IE zero-day against security researchers

An Internet Explorer zero-day vulnerability has been discovered used in recent North Korean attacks against security and vulnerability researchers.

Last month, Google disclosed that the North Korean state-sponsored hacking group known as Lazarus was conducting social engineering attacks against security researchers.

To perform their attacks, the threat actors created elaborate online ‘security researcher’ personas that would then use social media to contact well-known security researchers to collaborate on vulnerability and exploit development.

Read more…
Source: Bleeping Computer