all InfoSec news
Lazarus RAT Attack (CVE-2021-44228)
Dec. 12, 2023, 10:40 p.m. |
FortiGuard Labs | FortiGuard Center - Threat Signal Report fortiguard.fortinet.com
A new attack campaign led by the Lazarus threat actor group is seen employing new DLang-based Remote Access Trojan (RAT) malware. The attack attempts to exploit the Apache Log4j2 vulnerability (CVE-2021-44228) as initial access. Once compromised, it eventually creates a command and control (C2) channel.
What is the Vendor Solution?
Apache has released relevant updates in 2021 on https://logging.apache.org/log4j/2.x/security.html. CISA has provided guidance on mitigating the vulnerability at https://www.cisa.gov/news-events/news/apache-log4j-vulnerability-guidance.
What FortiGuard Coverage is available?
FortiGuard Labs …
access actor apache apache log4j2 attack campaign channel command command and control compromised control cve cve-2021-44228 dlang exploit initial access lazarus led log4j2 malware rat remote access remote access trojan solution threat threat actor trojan vendor vulnerability what is
More from fortiguard.fortinet.com / FortiGuard Labs | FortiGuard Center - Threat Signal Report
GitLab Password Reset Vulnerability (CVE-2023-7028)
5 days, 10 hours ago |
fortiguard.fortinet.com
Ignite Realtime Openfire Path Traversal Vulnerability (CVE-2023-32315)
6 days, 10 hours ago |
fortiguard.fortinet.com
Jobs in InfoSec / Cybersecurity
Information Security Problem Manager
@ Deutsche Bank | Bucharest
Information System Security Officer
@ Booz Allen Hamilton | USA, VA, Chantilly (15009 Conference Ctr Dr)
Senior Account Executive - Cybersecurity
@ OpenText | Virtual, CA
Grants Compliance Senior Specialist
@ Plan International | Bamako, Mali
Sr. Cybersecurity Engineer- Tenable
@ phia, LLC | Arlington, VA
Portfolio Manager- Enterprise Information Security Auditing
@ American Chemical Society | Columbus, OH, US, 43202