Lazarus distributes Nukesped to VMware Horizon Servers by exploiting Log4J

Threat Advisories

Lazarus distributes Nukesped to VMware Horizon Servers by exploiting Log4J

May 25, 2022
Threat Level
Red
Actor Report

For a detailed advisory, download the pdf file here

Summary

Lazarus, a North Korean threat actor group, is deploying Nukesped (aka Manuscrypt) malware on unpatched VMware Horizon servers by exploiting the Log4J remote code execution vulnerability.

 

Recent Posts

Join Our Newsletter 14,000+ subscribers and growing! Get top cybersecurity news delivered directly to your inbox.
Sign Up to Receive Our Weekly Threat Digest