Ethical Hacking News Hubb

Iranian Hackers Exploiting Unpatched Log4j 2 Bugs to Target Israeli Organizations

by admin
August 27, 2022
in Ethical Hackers


Iranian state-sponsored actors are leaving no stone unturned to exploit unpatched systems running Log4j to target Israeli entities, indicating the vulnerability’s long tail for remediation.

Microsoft attributed the latest set of activities to the umbrella threat group tracked as MuddyWater (aka Cobalt Ulster, Mercury, Seedworm, or Static Kitten), which is linked to the Iranian intelligence apparatus, the Ministry of Intelligence and Security (MOIS).


The attacks are notable for using SysAid Server instances unsecured against the Log4Shell flaw as a vector for initial access, marking a departure from the actors’ pattern of leveraging VMware applications for breaching target environments.

“After gaining access, Mercury establishes persistence, dumps credentials, and moves laterally within the targeted organization using both custom and well-known hacking tools, as well as built-in operating system tools for its hands-on-keyboard attack,” Microsoft said.


The tech giant’s threat intelligence team said it observed the attacks between July 23 and 25, 2022.

A successful compromise is said to have been followed by the deployment of web shells to execute commands that permit the actor to conduct reconnaissance, establish persistence, steal credentials, and facilitate lateral movement.

Also employed for command-and-control (C2) communication during the intrusions are eHorus, a remote monitoring and management software, and Ligolo, a reverse-tunneling tool of choice for the adversary.


The findings come as the U.S. Department of Homeland Security’s Cyber Safety Review Board (CSRB) deemed the critical vulnerability in the open-source Java-based logging framework an endemic weakness that will continue to plague organizations for years to come as exploitation evolves.

Log4j’s wide usage across many suppliers’ software and services means sophisticated adversaries like nation-state actors and commodity operators alike have opportunistically taken advantage of the vulnerability to mount a smorgasbord of attacks.

The Log4Shell attacks also follow a recent report from Mandiant that detailed an espionage campaign aimed at Israeli shipping, government, energy, and healthcare organizations by a likely Iranian hacking group dubbed UNC3890.





© 2022 Ethical Hacking News Hubb All rights reserved.
