all InfoSec news
Lazarus Group exploited ManageEngine vulnerability to target critical infrastructure
Help Net Security www.helpnetsecurity.com
North Korean state-sponsored hackers Lazarus Group have been exploiting a ManageEngine ServiceDesk vulnerability (CVE-2022-47966) to target internet backbone infrastructure and healthcare institutions in Europe and the US. The group leveraged the vulnerability to deploy QuiteRAT, downloaded from an IP address previously associated with the Lazarus hacking group (aka APT38). QuiteRAT CVE-2022-47966 has been patched in mid-January 2023, and soon after a PoC exploit for it was publicly released and exploitation attempts started in earnest. The … More
The post …
address apt38 cisco critical critical infrastructure cve cve-2022-47966 deploy don't miss europe exploited exploiting hackers hacking hacking group healthcare hot stuff infrastructure institutions internet ip address lazarus lazarus group malware manageengine north north korea north korean quiterat sponsored state target trojan usa vulnerability