Lazarus exploit Log4Shell vulnerability to deliver novel RAT malware

North Korea-backed group Lazarus has been spotted exploiting the Log4Shell vulnerability (CVE-2021-44228) and novel malware written in DLang (i.e., the memory-safe D programming language). “This campaign consists of continued opportunistic targeting of enterprises globally that publicly host and expose their vulnerable infrastructure to n-day vulnerability exploitation such as CVE-2021-44228. We have observed Lazarus target manufacturing, agricultural and physical security companies,” Cisco Talos researchers shared. Log4Shell still opens doors Log4Shell is a critical remote code execution … More →

The post …

campaign cisco cve cve-2021-44228 dlang don't miss enterprises exploit exploitation exploiting expose host hot stuff infrastructure korea language lazarus log4j log4shell log4shell vulnerability malware memory n-day north north korea novel programming programming language rat rat malware safe targeting vulnerability vulnerability exploitation vulnerable vulnerable infrastructure written