
Cyber Security Headlines
Lazarus exploits ManageEngine, Rockwell ThinManager vulnerabilities, Mississippi hospital attack
Aug 25, 2023
Lazarus Group exploits ManageEngine and Rockwell ThinManager vulnerabilities, Mississippi hospital attack. Topic includes cyberattacks, rat malware delivery, vulnerable XMPP servers, and new features in Chrome.
07:30
Episode guests
AI Summary
AI Chapters
Episode notes
Podcast summary created with Snipd AI
Quick takeaways
- Lazarus Group exploits ManageEngine to launch cyberattacks on internet and healthcare, using a new remote access Trojan to remain undetected.
- Vulnerabilities in Rockwell ThinManager software could result in denial of service, unauthorized file uploads, and full control of industrial control systems.
Deep dives
Lazarus Group Exploits Manage Engine to Target Internet and Healthcare Organizations
North Korea's Lazarus Group has been observed leveraging a critical vulnerability in Zoho's Manage Engine service desk to launch attacks on internet companies and healthcare providers in the U.S. and the U.K. These attacks involve the deployment of new remote access Trojan malware, known as the collection rat, which helps the group avoid detection. The exploitation of Manage Engine's vulnerability presents challenges for attribution, tracking, and developing effective protective measures.
Remember Everything You Learn from Podcasts
Save insights instantly, chat with episodes, and build lasting knowledge - all powered by AI.