HHS has warned that Lazarus Group, a North Korean state-sponsored hacking group, has been concentrating on U.S. healthcare by exploiting a vulnerability in ManageEngine merchandise.
The vulnerability has allowed the group to deploy distant code execution to conduct hacks, in line with a Sept. 18 information launch from HHS.
5 days after the vulnerability appeared in ManageEngine merchandise, North Korean hackers started exploiting it, particularly concentrating on healthcare entities within the U.S. and Europe.
HHS recommends healthcare organizations work to determine any potential vulnerabilities in the event that they use ManageEngine merchandise.