Log4Shell Report by CISA (MAR-10386789-1.v1 – Log4Shell)

The US Department of Homeland Security (CISA) released a report on cyber-security in the wake of an attack on a VMware Horizon server in June 2022, which was compromised by cyber actors who exploited Log4Shell.

REFERENCE: https://www.cisa.gov/uscert/ncas/analysis-reports/ar22-203a

TAGS: CISA, Log4Shell

ATT&CK IDS: T1053 - Scheduled Task/Job, T1059 - Command and Scripting Interpreter, T1027 - Obfuscated Files or Information, T1059.001 - PowerShell, T1090 - Proxy, T1190 - Exploit Public-Facing Application

Read More:

https://otx.alienvault.com/pulse/62e3b92d4b5b512cd7c78750