Lazarus Group Log4j Attacks Spread New Malware Families
Malware Analysis, News and Indicators - Latest topics malware.news
In recent attacks, North Korean threat group Lazarus targeted the Log4j flaw on publicly facing VMware Horizon servers in order to deploy Dlang-based malware, steal credentials and fingerprint infected systems.
The malicious activity, which was observed between March and September and which researchers with Cisco Talos track as “Operation Blacksmith,” leverages three malware families written in the D programming language: NineRAT, DLRAT and a downloader for deploying additional payloads. The fact that these are Dlang-based indicates a “definitive shift” in …