In the Lazarus Group’s latest campaign, which is detailed in a recent blog, the North Korean state-sponsored actor is exploiting CVE-2022-47966, a ManageEngine ServiceDesk vulnerability to deploy multiple threats. In addition to their “QuiteRAT” malware, which is covered in the blog, it was also discovered Lazarus Group is using a new threat called “CollectionRAT.”

 

Click here to read the full alert.