
US: Iranian Hackers Breached Government with Log4Shell



The US authorities have urged all agencies to patch VMware systems after revealing that Iranian state-backed actors exploited the Log4Shell bug to compromise a government organization.

The alert from the Cybersecurity and Infrastructure Security Agency (CISA) claimed the unnamed Federal Civilian Executive Branch (FCEB) organization was compromised as long ago as February 2022.

An incident response engagement starting mid-June uncovered the compromise, which used the infamous Log4j bug for initial access.

“In the course of incident response activities, CISA determined that cyber-threat actors exploited the Log4Shell vulnerability in an unpatched VMware Horizon server, installed XMRig crypto-mining software, moved laterally to the domain controller (DC), compromised credentials and then implanted Ngrok reverse proxies on several hosts to maintain persistence,” CISA said.

“CISA and FBI encourage all organizations with affected VMware systems that did not immediately apply available patches or workarounds to assume compromise and initiate threat hunting activities.”

