all InfoSec news
Researchers Uncover New Lazarus Group Malware Details
Malware Analysis, News and Indicators - Latest topics malware.news
After uncovering a campaign by the North Korean state-sponsored Lazarus Group that targeted internet infrastructure and healthcare organizations in the U.S. and UK, researchers discovered new details about two different malware families in use by the prominent threat group.
The campaign by Lazarus Group in early 2023 exploited a ManageEngine ServiceDesk flaw (CVE-2022-47966) just four days after related PoCs were publicly disclosed. After gaining initial access, researchers observed the threat group execute a malicious binary and use the curl command …
campaign cve cve-2022-47966 exploited flaw healthcare infrastructure internet internet infrastructure lazarus lazarus group malware manageengine north north korean organizations researchers sponsored state threat threat group uncover