A previously unseen China-based targeted intrusion adversary named Aquatic Panda was observed using critical flaws in the Apache Log4j logging library as an access vector to perform various post-exploitation operations, including reconnaissance and collection of credentials on target systems.

Cybersecurity firm CrowdStrike said the infiltration, which was eventually foiled, was directed against an unnamed “large academic institution”. The state-sponsored group is said to have been pursuing intelligence collection and industrial espionage since mid-2020, with attacks primarily targeting companies in the telecommunications, technology and government sectors.

The attempted break-in took advantage of the newly discovered Log4Shell flaw (CVE-2021-44228, CVSS score: 10.0) to access a vulnerable instance of the VMware Horizon desktop and app virtualization product, followed by the execution of a series of malicious commands orchestrated to get threat actors …

