all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Iranian Hackers Exploit Log4j Vulnerability to Deploy PowerShell Backdoor

Add to bookmarks
Jan. 15, 2022, 6:13 a.m. | noreply@blogger.com (Ravie Lakshmanan)

The Hacker News thehackernews.com

An Iranian state-sponsored actor has been observed scanning and attempting to abuse the Log4Shell flaw in publicly-exposed Java applications to deploy a hitherto undocumented PowerShell-based modular backdoor dubbed "CharmPower" for follow-on post-exploitation.
"The actor's attack setup was obviously rushed, as they used the basic open-source tool for the exploitation and based their operations

backdoor exploit hackers log4j log4j vulnerability powershell vulnerability

Visit resource

More from thehackernews.com / The Hacker News

BlackTech Targets Tech, Research, and Gov Sectors New 'Deuterbear' Tool 9 hours ago | thehackernews.com
actor asia attack backdoor +15
How Attackers Can Own a Business Without Touching the Endpoint 12 hours ago | thehackernews.com
apps attack attackers attack techniques +14
Akira Ransomware Gang Extorts $42 Million; Now Targets Linux Servers 12 hours ago | thehackernews.com
akira akira ransomware america businesses +19
Hackers Target Middle East Governments with Evasive "CR4T" Backdoor 17 hours ago | thehackernews.com
backdoor campaign cybersecurity cybersecurity company +15
OfflRouter Malware Evades Detection in Ukraine for Almost a Decade 1 day, 9 hours ago | thehackernews.com
analysis called cisco cisco talos +22
FIN7 Cybercrime Group Targeting U.S. Auto Industry with Carbanak Backdoor 1 day, 9 hours ago | thehackernews.com
auto auto industry automotive automotive industry +17
Recover from Ransomware in 5 Minutes—We will Teach You How! 1 day, 12 hours ago | thehackernews.com
attack back can cdp +21
New Android Trojan 'SoumniBot' Evades Detection with Clever Tricks 1 day, 13 hours ago | thehackernews.com
analysis android android trojan called +16
How to Conduct Advanced Static Analysis in a Malware Sandbox 1 day, 13 hours ago | thehackernews.com
advanced analysis can dynamic +17

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

SOC 2 Manager, Audit and Certification

@ Deloitte | US and CA Multiple Locations
View on infosec-jobs.com

Information Security Engineers

@ D. E. Shaw Research | New York City
View on infosec-jobs.com

Security Solution Architect

@ Civica | London, England, United Kingdom
View on infosec-jobs.com

Information Security Officer (80-100%)

@ SIX Group | Zurich, CH
View on infosec-jobs.com

Cloud Information Systems Security Engineer

@ Analytic Solutions Group | Chantilly, Virginia, United States
View on infosec-jobs.com

SRE Engineer & Security Software Administrator

@ Talan | Mexico City, Spain
View on infosec-jobs.com
View more jobs