North Korean state-sponsored hackers Lazarus Group have been exploiting a ManageEngine ServiceDesk vulnerability to target internet backbone infrastructure and healthcare institutions in Europe and the U.S. The malware is capable of downloading and deploying additional malicious payloads. The researchers were able to associate the latest attacks with Lazarus and identify other malware they use.
According to Cisco Talos researchers, the Lazarus Group is slightly changing attack tactics. Lazarus Group is known for mounting financially motivated and cyberespionage cyberattacks aimed at furthering North Korea’s political goals and at stealing cryptocurrency necessary to finance the nation’s various efforts.
Read more: https://www.helpnetsecurity.com/2023/08/25/lazarus-group-manageengine/