The Lazarus group has launched sophisticated attacks on South Korean web servers, deploying ASP-based web shells that serve as first-stage command-and-control (C2) servers. These attacks, evolving since May 2024, feature improved security and obfuscation techniques. The malicious scripts facilitate communication with the attackers and enable file operations. Security experts recommend inspecting servers for vulnerabilities, rotating passwords, and enhancing monitoring to counteract these persistent threats.

Phishing Campaign Impersonates Booking.com, Plants Malware
Cybersecurity professionals have raised concerns over a new phishing campaign that imitates Booking.com to plant credential-stealing malware. The threat, first detected in December 2024, targets