Ransomware Attacks Are Likely Imminent As Admins, Cybersecurity Pros Scramble to Address Log4Shell Vulnerability
Scammers hacked Indian Prime Minister's Twitter account, Attack campaign targeted up to 1.6 million WordPress sites, Volvo confirms cyberattack, Brazil health ministry hit by ransomware, more
Check out my latest CSO Online column, which focuses on NIST’s efforts to develop IoT and software security labels.
The internet was “on fire” over the weekend as IT administrators and cybersecurity professionals scanned for the Log4Shell vulnerability in the Apache Log4j Java-based logging platform and threat actors began positioning themselves to exploit it.
On Friday, threat actors exploited the Log4Shell vulnerability to execute shell scripts that download and install various cryptominers. Threat actors behind the Kinsing backdoor and crypto mining botnet are heavily abusing the Log4j vulnerability with Base64 encoded payloads that have the vulnerable server download and execute shell scripts. Additionally, Netlab 360 reports that the threat actors are exploiting the vulnerability to install the Mirai and Muhstik malware on vulnerable devices.
Microsoft reports that threat actors are exploiting the vulnerability to drop Cobalt Strike beacons, cracked versions of which are used as par…
Keep reading with a 7-day free trial
Subscribe to Metacurity to keep reading this post and get 7 days of free access to the full post archives.