all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

MagicRAT: Lazarus’ latest gateway into victim networks

Add to bookmarks
Sept. 7, 2022, 12:01 p.m. | Vitor Ventura (noreply@blogger.com)

Cisco Talos Intelligence Group - Comprehensive Threat Intelligence blog.talosintelligence.com











By Jung soo An, Asheer Malhotra and Vitor Ventura.

  • Cisco Talos has discovered a new remote access trojan (RAT) we're calling "MagicRAT," developed and operated by the Lazarus APT group, which the U.S. government believes is a North Korean state-sponsored actor.
  • Lazarus deployed MagicRAT after the successful exploitation of vulnerabilities in VMWare Horizon platforms.
  • We've also found links between MagicRAT and another RAT known as "TigerRAT," disclosed and attributed to Lazarus by the Korean Internet & Security Agency …

apt gateway lazarus magicrat malware networks rat

Visit resource

More from blog.talosintelligence.com / Cisco Talos Intelligence Group - Comprehensive Threat Intelligence

What can we learn from the passwords used in brute-force attacks? 1 day, 11 hours ago | blog.talosintelligence.com
attacks brute brute-force can +5
Vulnerabilities in employee management system could lead to remote code execution, login credential theft 2 days, 13 hours ago | blog.talosintelligence.com
code code execution credential credential theft +21
Cisco Talos at RSAC 2024 3 days, 17 hours ago | blog.talosintelligence.com
announcements cisco cisco talos cybersecurity +12
James Nutland studies what makes threat actors tick, growing our understanding of the current APT … 4 days, 17 hours ago | blog.talosintelligence.com
adversary apt can current +14
The private sector probably isn’t coming to save the NVD 1 week, 1 day ago | blog.talosintelligence.com
arcanedoor coming cybercrime isn +9
Talos IR trends: BEC attacks surge, while weaknesses in MFA persist 1 week, 1 day ago | blog.talosintelligence.com
adversaries attacks bec bec attacks +17
ArcaneDoor - New espionage-focused campaign found targeting perimeter network devices 1 week, 2 days ago | blog.talosintelligence.com
apt campaign campaigns devices +15
Suspected CoralRaider continues to expand victimology using three information stealers 1 week, 3 days ago | blog.talosintelligence.com
apt argument bypass command +17
What’s the deal with the massive backlog of vulnerabilities at the NVD? 2 weeks ago | blog.talosintelligence.com
backlog current deal management +10

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

Security Specialist

@ Nestlé | St. Louis, MO, US, 63164
View on infosec-jobs.com

Cybersecurity Analyst

@ Dana Incorporated | Pune, MH, IN, 411057
View on infosec-jobs.com

Sr. Application Security Engineer

@ CyberCube | United States
View on infosec-jobs.com

Linux DevSecOps Administrator (Remote)

@ Accenture Federal Services | Arlington, VA
View on infosec-jobs.com

Cyber Security Intern or Co-op

@ Langan | Parsippany, NJ, US, 07054-2172
View on infosec-jobs.com

Security Advocate - Application Security

@ Datadog | New York, USA, Remote
View on infosec-jobs.com
View more jobs