This site uses cookies to improve your experience. By viewing our content, you are accepting the use of cookies. To help us insure we adhere to various privacy regulations, please select your country/region of residence. If you do not select a country we will assume you are from the United States. View our privacy policy and terms of use.

Remove lacework-labs-identifies-log4j-attackers
Remove Blog Related Topics
DevOps Continuous Delivery Linux Firewall Business Intelligence Open Source Applications Architecture Network Azure More Related Topics >
article thumbnail

Lacework Labs Identifies Log4J Attacks

Lacework

DECEMBER 12, 2021

Key Takeaways CVE-2021-22448 is being adopted by opportunistic attackers. Mirai and Kinsing are being distributed via this attack vector. Overview Lacework Labs is constantly monitoring for attackers adopting new vulnerabilities into their toolkits through their honeypots.

136
136
article thumbnail

Cloudy with a chance of threats: Advice for mitigating the top cyber threats of 2024

Lacework

FEBRUARY 7, 2024

We know that understanding and effectively prioritizing threats starts with identifying the enemy. In this blog, we’ll explore the motivations of bad actors, the top threats the Lacework Labs team is seeing, and practical ways to lock down your cloud and protect your data. Who’s behind the threats?

Weak Development Team 109
Weak Development Team Malware Cloud Internet 109
Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Trending Sources

article thumbnail

The OAST with the most

Lacework

APRIL 5, 2022

Attackers use tools to scan networks for vulnerabilities and sometimes these tools can be used to our advantage. Project Discovery currently accounts for roughly half of all Log4j (CVE-2021-44228) attacks and a quarter of total attacks observed by Lacework Labs. domain for Log4j exploitation.

Analysis 98
Analysis Testing Tools Examples 98
article thumbnail

A guide to responding to the Log4j vulnerability

Lacework

FEBRUARY 24, 2022

On December 10th, 2021, CVE-2021-44228 took the security industry by storm when a remote code execution vulnerability was discovered in the popular logging library “ Log4j ”. Which is why Lacework is releasing our latest research on how to respond to Log4j vulnerabilities in your environment.

Google Cloud 52
Google Cloud Malware Azure Research 52
article thumbnail

Malware targeting latest F5 vulnerability

Lacework

MAY 12, 2022

Since the announcement of this vulnerability numerous Github repositories have been created showing proof-of-concept attacks which require nothing more than a POST request with an HTTP body of commands to execute on a victim host. Lacework Labs is also beginning to see payloads associated with this vulnerability within their honeypots.

Malware 96
Malware Technical Support Open Source Research 96
article thumbnail

Top 5 security incidents of 2021

Lacework

FEBRUARY 10, 2022

The change stems from recent attacks that allow adversaries to pivot and target the Public sector through the use of activities like phishing or installing malware as a trusted partner. Log4j ( CVE-2021-44228 ). The most memorable (and recent) security concern is related to Log4j. Microsoft Exchange Server.

Software Review 52
Software Review Malware Systems Review Government 52
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

 

Stay Connected

Join 48,000+ Insiders by signing up for our newsletter

About
Webinars
Awards
About
Editions
Webinars
Awards
Editions
Topics
LinkedIn Twitter
Powered by Aggregage | Terms and Conditions | Your California Rights and Privacy Policy
© Aggregage 2024