4 matches found
Pentales: Red Team vs. N-Day (and How We Won)
During a recent Vector Command operation, I had the chance to sit down with one of our red teamers to hear firsthand how they identified and exploited an N-Day vulnerability in a customer’s environment. It’s a clear example of how continuous red teaming can uncover and validate real-world risks...
Lazarus Group Exploits Google Chrome Vulnerability to Control Infected Devices
The North Korean threat actor known as Lazarus Group has been attributed to the zero-day exploitation of a now-patched security flaw in Google Chrome to seize control of infected devices. Cybersecurity vendor Kaspersky said it made the discovery after it came across a novel attack chain in May 20...
Operation Blacksmith: Lazarus targets organizations worldwide using novel Telegram-based malware written in DLang
Cisco Talos recently discovered a new campaign conducted by the Lazarus Group were calling "Operation Blacksmith," employing at least three new DLang-based malware families, two of which are remote access trojans RATs, where one of these uses Telegram bots and channels as a medium of command and...
Exploit for SQL Injection in Zohocorp Manageengine_Network_Configuration_Manager
CVE-2021-41081 N-DAY VULNERABILITY RESEARCH F...