North Korean advanced persistent threat group Lazarus – aka Hidden Cobra – is developing supply chain attack capabilities, researchers say. Lazarus has been using the MATA framework to deliver payloads since 2019, according to Kaspersky and NetLabs. The group is likely using MATA for cyberespionage purposes, the researchers say, and it is looking to expand its capabilities with supply chain attacks, they say. To defend against these attacks, organizations should teach users how to spot and report these social engineering attacks, experts say.”]
Source: https://www.cuinfosecurity.com/lazarus-adds-supply-chain-attack-to-list-capabilities-a-17811