Cyber Security Headlines

Lazarus exploits ManageEngine, Rockwell ThinManager vulnerabilities, Mississippi hospital attack

Aug 25, 2023

Lazarus Group exploits ManageEngine and Rockwell ThinManager vulnerabilities, Mississippi hospital attack. Topic includes cyberattacks, rat malware delivery, vulnerable XMPP servers, and new features in Chrome.

07:30

Creator website

Episode guests

Rockwell ThinManager

Lazarus Group

AI Summary

AI Chapters

Episode notes

Podcast summary created with Snipd AI

Quick takeaways

Lazarus Group exploits ManageEngine to launch cyberattacks on internet and healthcare, using a new remote access Trojan to remain undetected.

Vulnerabilities in Rockwell ThinManager software could result in denial of service, unauthorized file uploads, and full control of industrial control systems.

Deep dives

Lazarus Group Exploits Manage Engine to Target Internet and Healthcare Organizations

North Korea's Lazarus Group has been observed leveraging a critical vulnerability in Zoho's Manage Engine service desk to launch attacks on internet companies and healthcare providers in the U.S. and the U.K. These attacks involve the deployment of new remote access Trojan malware, known as the collection rat, which helps the group avoid detection. The exploitation of Manage Engine's vulnerability presents challenges for attribution, tracking, and developing effective protective measures.

Introduction

3min

Federal Standards, Sponsor Message, Hacktivist Group, Vulnerable XMPP Servers, and Chrome Extension Warning

3min

Reactive warning for SCAM extensions, new features in Chrome, fight against counterfeit Parmesan, and podcast promotion

2min

Lazarus Group exploits ManageEngine to drop new RATS on internet and healthcare

Vulnerabilities in Rockwell ThinManager threaten industrial control systems

Mississippi hospital system suffers cyberattack

Huge thanks to our sponsor, HyperProof

Is your company scaling? Do you need to quickly add more compliance frameworks but don’t know where to start? Hyperproof has you covered. Hyperproof is a risk and compliance management platform that can help you manage compliance at scale. With Hyperproof, you can quickly add new frameworks, crosswalk controls between frameworks, view your risk posture, and manage your risks, all in one place. Visit to get started today.

For the stories behind the headlines, head to CISOseries.com.

Remember Everything You Learn from Podcasts

Save insights instantly, chat with episodes, and build lasting knowledge - all powered by AI.

Cyber Security Headlines

Lazarus exploits ManageEngine, Rockwell ThinManager vulnerabilities, Mississippi hospital attack

Episode guests

Podcast summary created with Snipd AI

Quick takeaways

Deep dives

Lazarus Group Exploits Manage Engine to Target Internet and Healthcare Organizations

Rockwell Thin Manager Faces Vulnerability Threatening Industrial Control Systems

Remember Everything You Learn from Podcasts