• Latest
  • Trending
Aquatic Panda infiltrated institution through Log4j vulnerability

Aquatic Panda infiltrated institution through Log4j vulnerability

December 30, 2021
Qualcomm Announces Snapdragon 8+ Gen 1 and Snapdragon 7 Gen 1

Qualcomm Announces Snapdragon 8+ Gen 1 and Snapdragon 7 Gen 1

May 20, 2022
HP’s premium laptop revamp: more OLED displays, 12th-gen Intel CPUs

HP’s premium laptop revamp: more OLED displays, 12th-gen Intel CPUs

May 20, 2022
Android 13 beta will test out-of-the-box support for most braille displays

Android 13 beta will test out-of-the-box support for most braille displays

May 20, 2022
WhatsApp to Launch Cloud-Based Tools, Premium Features for Businesses

WhatsApp to Launch Cloud-Based Tools, Premium Features for Businesses

May 20, 2022
Huawei and SolarEdge Sign a Global Patent License Agreement

Huawei and SolarEdge Sign a Global Patent License Agreement

May 20, 2022
Dijbouti Telecom Welcomes the Landing of 2Africa Submarine Cable

Dijbouti Telecom Welcomes the Landing of 2Africa Submarine Cable

May 20, 2022
Ghana Smart Africa Digital Academy launches its national digital academy

Ghana Smart Africa Digital Academy launches its national digital academy

May 20, 2022
Ghana’s Rural Telecom Facilities to be Upgraded to 4G

Ghana’s Rural Telecom Facilities to be Upgraded to 4G

May 20, 2022
Silicon Power Announces UD90 PCIe 4.0 SSD

Silicon Power Announces UD90 PCIe 4.0 SSD

May 20, 2022
ZADAK Announces TWSG4S PCIe Gen4 x4 SSD

ZADAK Announces TWSG4S PCIe Gen4 x4 SSD

May 20, 2022
Samsung Sampling 512GB CXL Memory Module

Samsung Sampling 512GB CXL Memory Module

May 20, 2022
IBM Elastic Storage System 3500

IBM Elastic Storage System 3500

May 20, 2022
  • Consumer Watch
  • Kids Page
  • Directory
  • Events
  • Reviews
Saturday, 21 May, 2022
  • Login
itechnewsonline.com
  • Home
  • Tech
  • Africa Tech
  • InfoSEC
  • Data Science
  • Data Storage
  • Business
  • Opinion
Subscription
Advertise
No Result
View All Result
itechnewsonline.com
No Result
View All Result

Aquatic Panda infiltrated institution through Log4j vulnerability

CrowdStrike said in a new report that they've seen a China-based group searching for intellectual property through Log4Shell.

by ITECHNEWS
December 30, 2021
in Leading Stories, Tech
0 0
0
Aquatic Panda infiltrated institution through Log4j vulnerability

Cybersecurity company CrowdStrike has discovered an attempt by a China-based group to infiltrate an academic institution through the Log4j vulnerability.

CrowdStrike called the group “Aquatic Panda” and said it is an “intrusion adversary with a dual mission of intelligence collection and industrial espionage” that has operated since at least May 2020.

YOU MAY ALSO LIKE

Qualcomm Announces Snapdragon 8+ Gen 1 and Snapdragon 7 Gen 1

HP’s premium laptop revamp: more OLED displays, 12th-gen Intel CPUs

The group’s exact intent is unknown because the attack was disrupted. CrowdStrike told ZDNet, however, that Aquatic Panda is known to maintain persistence in environments to gain access to intellectual property and other industrial trade secrets.

“Aquatic Panda operations have primarily focused on entities in the telecommunications, technology, and government sectors,” CrowdStrike explained in a report.

According to CrowdStrike, their system uncovered “suspicious activity stemming from a Tomcat process running under a vulnerable VMWare Horizon instance at a large academic institution, leading to the disruption of an active hands-on intrusion.”

After watching the group operate and examining the telemetry available, CrowdStrike said it believes that a modified version of the Log4j exploit was likely used during the course of the threat actor’s operations.

The team at CrowdStrike discovered that Aquatic Panda used a public GitHub project from Dec.13, 2021 in order to gain access to the vulnerable instance of VMWare Horizon.

“Aquatic Panda continued their reconnaissance from the host, using native OS binaries to understand current privilege levels as well as system and domain details. OverWatch threat hunters also observed an attempt to discover and stop a third-party endpoint detection and response (EDR) service,” the company explained.

“Throughout the intrusion, OverWatch tracked the threat actor’s activity closely in order to provide continuous updates to the victim organization. Based on the actionable intelligence provided by OverWatch, the victim organization was able to quickly implement their incident response protocol, eventually patching the vulnerable application and preventing further threat actor activity on the host.”

CrowdStrike officials told ZDNet that they are seeing various threat actors both inside and outside of China leveraging the Log4J vulnerability, with adversaries ranging from advanced threat actors to eCrime actors.

“In the end, the viability of this exploit is well-proven with a substantial attack surface still present. We will continue to see threat actors making use of this vulnerability until all recommended mitigations are put into place,” CrowdStrike said in an interview.

Last week, the US, UK, Australia and other countries issued a Log4j advisory in response to “active, worldwide exploitation by numerous threat actors, including malicious cyber threat actors.”

Numerous groups from North Korea, Iran, Turkey and China have been seen exploiting the vulnerability alongside a slate of ransomware groups and cybercriminal organizations.

CISA Director Jen Easterly said Log4j vulnerabilities present a severe and ongoing threat to organizations and governments around the world

“We implore all entities to take immediate action to implement the latest mitigation guidance to protect their networks,” Easterly said. “These vulnerabilities are the most severe that I’ve seen in my career, and it’s imperative that we work together to keep our networks safe.”

Source: Jonathan Greig
Via: ZDnet
Tags: Aquatic PandaCrowdStrike
ShareTweetShare

Get real time update about this post categories directly on your device, subscribe now.

Unsubscribe

Search

No Result
View All Result

Recent News

Qualcomm Announces Snapdragon 8+ Gen 1 and Snapdragon 7 Gen 1

Qualcomm Announces Snapdragon 8+ Gen 1 and Snapdragon 7 Gen 1

May 20, 2022
HP’s premium laptop revamp: more OLED displays, 12th-gen Intel CPUs

HP’s premium laptop revamp: more OLED displays, 12th-gen Intel CPUs

May 20, 2022
Android 13 beta will test out-of-the-box support for most braille displays

Android 13 beta will test out-of-the-box support for most braille displays

May 20, 2022

About What We Do

itechnewsonline.com

We bring you the best Premium Tech News.

Recent News With Image

Qualcomm Announces Snapdragon 8+ Gen 1 and Snapdragon 7 Gen 1

Qualcomm Announces Snapdragon 8+ Gen 1 and Snapdragon 7 Gen 1

May 20, 2022
HP’s premium laptop revamp: more OLED displays, 12th-gen Intel CPUs

HP’s premium laptop revamp: more OLED displays, 12th-gen Intel CPUs

May 20, 2022

Recent News

  • Qualcomm Announces Snapdragon 8+ Gen 1 and Snapdragon 7 Gen 1 May 20, 2022
  • HP’s premium laptop revamp: more OLED displays, 12th-gen Intel CPUs May 20, 2022
  • Android 13 beta will test out-of-the-box support for most braille displays May 20, 2022
  • WhatsApp to Launch Cloud-Based Tools, Premium Features for Businesses May 20, 2022
  • Home
  • InfoSec
  • Opinion
  • Africa Tech
  • Data Storage

© 2021 iTechNewsOnline.Com - Powered by BackUpDataSystems

No Result
View All Result
  • Home
  • Tech
  • Africa Tech
  • InfoSEC
  • Data Science
  • Data Storage
  • Business
  • Opinion

© 2021 iTechNewsOnline.Com - Powered by BackUpDataSystems

Welcome Back!

Login to your account below

Forgotten Password?

Retrieve your password

Please enter your username or email address to reset your password.

Log In

Add New Playlist

Are you sure want to unlock this post?
Unlock left : 0
Are you sure want to cancel subscription?
Go to mobile version