Lazarus exploit Log4Shell vulnerability to deliver novel RAT malware | allinfosecnews.com

Dec. 12, 2023, 2:33 p.m. | Helga Labus

Help Net Security www.helpnetsecurity.com

North Korea-backed group Lazarus has been spotted exploiting the Log4Shell vulnerability (CVE-2021-44228) and novel malware written in DLang (i.e., the memory-safe D programming language). “This campaign consists of continued opportunistic targeting of enterprises globally that publicly host and expose their vulnerable infrastructure to n-day vulnerability exploitation such as CVE-2021-44228. We have observed Lazarus target manufacturing, agricultural and physical security companies,” Cisco Talos researchers shared. Log4Shell still opens doors Log4Shell is a critical remote code execution … More →

The post …

campaign cisco cve cve-2021-44228 dlang don't miss enterprises exploit exploitation exploiting expose host hot stuff infrastructure korea language lazarus log4j log4shell log4shell vulnerability malware memory n-day north north korea novel programming programming language rat rat malware safe targeting vulnerability vulnerability exploitation vulnerable vulnerable infrastructure written

More from www.helpnetsecurity.com / Help Net Security

Most people still rely on memory or pen and paper for password management 1 day, 23 hours ago | www.helpnetsecurity.com

accounts australia authentication bitwarden +24

LSA Whisperer: Open-source tools for interacting with authentication packages 1 day, 23 hours ago | www.helpnetsecurity.com

authentication azuread cybersecurity github +16

What AI can tell organizations about their M&A risk 2 days ago | www.helpnetsecurity.com

acquisition adoption ai adoption amp +19

Breaking down the numbers: Cybersecurity funding activity recap 2 days ago | www.helpnetsecurity.com

10 million aim aim security alethea +55

New infosec products of the week: April 26, 2024 2 days, 1 hour ago | www.helpnetsecurity.com

april capabilities cyber cyberint +21

Net neutrality has been restored 2 days, 9 hours ago | www.helpnetsecurity.com

actions broadband communications consumers +24

Stellar Cyber and Acronis team up to provide optimized threat detection solutions for MSPs 2 days, 14 hours ago | www.helpnetsecurity.com

acronis aim and response cloud +22

Edgio Client-Side Protection enables organizations to secure critical customer data 2 days, 15 hours ago | www.helpnetsecurity.com

apis browser client client-side +26

IBM to buy HashiCorp in $6.4 billion cash deal, expanding cloud portfolio 2 days, 15 hours ago | www.helpnetsecurity.com

agreement capabilities cash cloud +18

SOC 2 Manager, Audit and Certification

@ Deloitte | US and CA Multiple Locations

View on infosec-jobs.com

Application Security Engineer - Enterprise Engineering

@ Meta | Bellevue, WA | Seattle, WA | New York City | Fremont, CA

View on infosec-jobs.com

Security Engineer

@ Retool | San Francisco, CA

View on infosec-jobs.com

Senior Product Security Analyst

@ Boeing | USA - Seattle, WA

View on infosec-jobs.com

Junior Governance, Risk and Compliance (GRC) and Operations Support Analyst

@ McKenzie Intelligence Services | United Kingdom - Remote

View on infosec-jobs.com

GRC Integrity Program Manager

@ Meta | Bellevue, WA | Menlo Park, CA | Washington, DC | New York City

View on infosec-jobs.com