Hijacked Management Server Implicated in South Korea Attack

The Register is reporting that the recent cyber attacks in South Korea may have used the patch server as the attack vector.

This is a good illustration of why defense in depth is important. Sophos reports that the signatures for the malware were well-known and should have been caught by updated malware detection software.

If you missed it, Wired Magazine had a pretty good write-up in the initial aftermath of the attack.