AJ Vicens reports:
Two years after the Log4j vulnerability was revealed, North Korean hackers are continuing to use the flaw in a ubiquitous piece of open source software to carry out attacks as part of a hacking campaign targeting manufacturing, agricultural and physical security entities, according to research released Monday.
Carried out over the course of 2023 and described in a report released by Cisco’s Talos Intelligence Group on Monday, the campaign employed at least three new malware families and relied, in part, on the Log4Shell exploit, highlighting the long tail of the Log4j vulnerability and how failure to patch the flaw is providing a ready tool to malicious hackers.
The campaign was the work of one of a plethora of North Korean hacking units operating under the broad Lazarus umbrella, a term industry and government researchers use to refer to the array of North Korean government hacking operations that engage in everything from cyberespionage to cryptocurrency thefts, ransomware and supply chain attacks.
Read more at CyberScoop.