HC3: Lazaraus Group malware targets health systems’ ManageEngine vulnerabilities

Cybersecurity group, Cisco Talus, reports that the Lazarus Group is targeting internet infrastructure and healthcare entities in Europe and the US by exploiting a vulnerability in ManageEngine products with renewed malware, MagicRAT. Health Sector Cybersecurity Coordination Center (HC3) adds that the group is utilizing a new malware tool, CollectionRAT. Machine learning and heuristic analysis have proven less reliable as both RATs use the less commonly used Qt framework.