Log4j – TheCyberThrone

Cato at RSA 2024 – Log4j Vulnerability is still most exploitable

The Log4J vulnerability (CVE-2021-44228) exploit remains one of the most attempted exploits even after three years observed by cloud security provider Cato Networks. In the report published at RSA Conference…

PravinKarthik May 8, 2024

Log4j 2nd Year Anniversary Still a Pain

Recent research reports reveal that even after two years, several organizations are still vulnerable to Log4j. The analysis is done between August 15 and November 38,278, covering unique applications running…

PravinKarthik December 11, 2023

Log4j Vulnerabilities Abused by Proxyjacking Attack

Researchers have spotted a new malicious campaign called as proxyjacking targets the Log4j vulnerability. The adversaries attempt to install the legitimate network segmentation tool called proxyware on unsuspecting victims to…

PravinKarthik April 7, 2023

Log4j – First Year Anniversary ! Lesson Learned -Importance of Software Supply Chain Risk

The first anniversary of Log4j is about to come later in this week, this is a good time to revisit the importance of analyzing supply chain security, as well as…

PravinKarthik December 5, 2022

Threat Actors Breached FECB using Log4j

The U.S. CISA disclosed that an Iranian government-sponsored APT group hacked the Federal Civilian Executive Branch. The breach, which dates to February, was first detected in mid-June, and CISA conducted…

PravinKarthik November 17, 2022

Monti Ransomware follows Heirs of Conti

Security researchers have discovered a ransomware campaign from a group called Monti, may be the name derived since it relies almost entirely on leaked Conti code to launch attacks. The…

PravinKarthik September 10, 2022

Log4j leveraged for attacking Israeli Organization

Iran-based threat actor MuddyWater aka MERCURY has been leveraging the exploitation of Log4j 2 vulnerabilities in SysAid applications to target organizations in Israel. A new advisory from Microsoft's security researchers, MERCURY's observed…

PravinKarthik August 27, 2022

Unit 42 assess on Hackers Sweet Spots

Attackers while looks into few of the luring application vulnerability targets, they wont wait long to exploit the environment. Researchers from Unit 42 analyzed and released Incident Response Report. Six…

PravinKarthik July 30, 2022