Tag

Log4j

All articles tagged with #log4j

Lazarus Group Exploits Log4j Bug with New RAT Malware

Originally Published 2 years ago — by BleepingComputer

Source: BleepingComputer

The Lazarus hacking group, believed to be based in North Korea, is exploiting the Log4j vulnerability to deploy new malware, including two remote access trojans (RATs) named NineRAT and DLRAT, as well as a malware downloader called BottomLoader. The use of the D programming language for this malware is unusual and was likely chosen to evade detection. The campaign, dubbed "Operation Blacksmith," began in March 2023 and targets manufacturing, agricultural, and physical security companies globally. Lazarus' tactics and tools continue to evolve, demonstrating the group's adaptability. The malware allows for command and control communication via Telegram and supports various commands for information gathering, file exfiltration, and system manipulation. Cisco Talos researchers suspect that Lazarus may share collected data with other advanced persistent threat (APT) groups.

Log4J Vulnerability: A Persistent Security Concern for Businesses

Originally Published 2 years ago — by BleepingComputer

Source: BleepingComputer

Approximately 38% of applications using the Apache Log4j library are still using vulnerable versions, including versions affected by Log4Shell, a critical remote code execution flaw. Despite patches being available for over two years, many organizations continue to use outdated versions of Log4j, leaving themselves open to security risks. A report from Veracode highlights the persistence of old vulnerabilities and the reluctance of developers to update third-party libraries. The recommendation is for companies to scan their environment, identify the versions of open-source libraries in use, and develop an emergency upgrade plan.