Iranian threat actors exploit Log4Shell vulnerability in SysAid apps

According to recent reports, Iranian government hackers have exploited the Log4Shell vulnerability in SysAid apps to gain initial access to targeted organizations. Microsoft tracks the threat actor as Mercury.

The Log4Shell vulnerability first surfaced in 2021, affecting the Apache Log4j logging utility. The flaw is tracked as CVE-2021-44228 and can be exploited for remote code execution. Many profit-driven cybercriminals and state-sponsored cyberspies have leveraged it.

The Log4Shell vulnerability affects products from several major companies that use Log4j. In many instances, it has been exploited against VMware software.

Mercury has previously exploited Log4j vulnerabilities. However, this appears to be the first time the threat actor has targeted SysAid apps. Previously it did so against VMware software. Microsoft expressed moderate confidence that the hackers exploited SysAid server instances.

There have not been any other reports of threat actors exploiting Log4Shell against SysAid applications.

SysAid provides IT service management solutions. They officially addressed the Log4Shell vulnerability soon after researchers discovered it. However, some instances still remain unpatched. 

Microsoft asserted that the threat actor leveraged Log4j exploits against VMware applications in the early part of 2022. The actor likely looked for similar internet-facing apps that could have the same vulnerabilities. According to Microsoft, SysAid must have appeared as an attractive target because of its presence in the targeted country.
