This article has been indexed from Softpedia News / Security
InkySquid, a North Korean hacker, exploited two different vulnerabilities in Internet Explorer to infect users using custom Strategic Web Compromise (SWC) operations, according to The Hacker News.
The vulnerabilities in question are CVE-2021-26411 – Internet Explorer Memory Corruption Vulnerability, with a CVSS score of 8.8, and CVE-2020-1380 – Scripting Engine Memory Corruption Vulnerability, with a CVSS score of 7.5. Both vulnerabilities have been actively exploited in the wild, with North Korean hackers compromising the work of research and development security experts in a campaign launched in early January.
A South Korean online publication was the first victim of the hacker also known as APT37 or ScarCruft. The magazine in question, Daily NK, has been infected with malware from the end of March this year and the beginning of June this year. The infection…
Read the original article: North Korea Hackers Spreading Malware via Browser Exploits