Lazarus Group Using Log4j Exploits to Deploy Remote Access Trojans

December 11, 2023 at 09:12AM

The Lazarus Group, a North Korea-linked threat actor, has launched a global campaign exploiting Log4j security flaws to deploy remote access trojans. Cisco Talos named the operation “Operation Blacksmith,” noting the use of DLang-based malware families. The group’s tactics overlap with Andariel, targeting various sectors and using NineRAT through a …

8Base Group Deploying New Phobos Ransomware Variant via SmokeLoader

November 18, 2023 at 07:00AM

Cisco Talos has discovered that the 8Base ransomware group is using a variant of the Phobos ransomware in its attacks. The malware is distributed through the SmokeLoader backdoor trojan, and the group has been active since at least March 2022. The findings also reveal the methods and characteristics of the …