HHS has warned that Lazarus Group, a North Korean state-sponsored hacking group, has been targeting U.S. healthcare by exploiting a vulnerability in ManageEngine products.
The vulnerability has allowed the group to deploy remote code execution to conduct hacks, according to a Sept. 18 news release from HHS.
Five days after the vulnerability appeared in ManageEngine products, North Korean hackers began exploiting it, specifically targeting healthcare entities in the U.S. and Europe.
HHS recommends healthcare organizations work to identify any possible vulnerabilities if they use ManageEngine products.