A significant security weakness affecting Zoho ManageEngine ServiceDesk Plus that has since been patched has been seen being used by the Lazarus Group, a threat actor with ties to North Korea, to spread a remote access trojan known as QuiteRAT.
Healthcare organizations in Europe and the United States are among the targets, according to a two-part research by cybersecurity company Cisco Talos.
A new threat known as CollectionRAT has also been found after a deeper look at the adversary’s recycling attack infrastructure in its cyberattacks on businesses.
Talos noted that the Lazarus Group’s continued reliance on the same tradecraft in spite of the components’ extensive historical documentation demonstrates the threat actor’s confidence in their operations read more Lazarus Group Exploits Critical Zoho ManageEngine Flaw to Deploy Stealthy QuiteRAT Malware.
Stay informed with the best cybersecurity news and raise your cybersecurity awareness with our comprehensive coverage of the latest threats, breaches, and solutions.