The exploit allowed Lazarus to enhance its FudModule rootkit, enabling it to evade detection and disable security protections. Additionally, a previously undocumented remote access trojan (RAT) used by Lazarus was discovered.
Malware designed to seek out and disable enterprise security defenses has surged in popularity over the past year to comprise nearly a quarter (26%) of all detections in 2023, according to Picus Security. The cybersecurity vendor revealed the news in its Picus Red Report 2024, compiled from analysis of 612,080 malicious files last year, to […]
Admins are advised to upgrade to the latest ALEOS version, change default SSL certificates, disable non-essential services, implement web application firewalls, and install an OT/IoT-aware IDS for enhanced protection against these vulnerabilities.