The Lazarus group, linked to North Korean actors, has been targeting IIS servers to deploy malicious ASP web shells, facilitating the spread of malware, including the LazarLoader variant. These attacks exploit web server vulnerabilities and use C2 servers to maintain stealth and longevity in cyber operations. Cybersecurity firm AhnLab has recommended regular security audits, stronger authentication, up-to-date software, and constant network traffic monitoring as safeguards against such attacks.

Phishing Campaign Impersonates Booking.com, Plants Malware
Cybersecurity professionals have raised concerns over a new phishing campaign that imitates Booking.com to plant credential-stealing malware. The threat, first detected in December 2024, targets