North Korean hacking group Lazarus Group is exploiting Log4Shell to target manufacturing, agriculture and physical security sectors, resulting in the deployment of a tailored implant on compromised systems. This attack campaign targeted publicly accessible VMware Horizon servers, leveraging the Log4Shell vulnerability tracked as CVE-2021-44228 for initial access, Cisco Talos researchers found. Read More
In a new advisory that shows why it’s critical to keep Adobe ColdFusion deployments up to date, the US Cybersecurity and Infrastructure Security Agency (CISA) warns that two federal agencies were breached by attackers in June through an unpatched vulnerability in the application server software. The attackers used their access to deploy web shells and […]
The United States on Thursday sanctioned North Korean cyberespionage threat actor Kimsuky, known for its social engineering campaigns against targets it suspects of holding intelligence on geopolitical events and negotiations affecting the Hermit Kingdom. The Department of the Treasury leveled sanctions against the threat actor and eight North Korean agents accused of facilitating sanctions evasions […]
Latest Comments