Cyber Defense Advisors

FritzFrog Returns with Log4Shell and PwnKit, Spreading Malware Inside Your Network

FritzFrog Returns with Log4Shell and PwnKit
  • February 1, 2024
  • by
  • Cyber News
  • Less than a minute
  • 209 Views

The threat actor behind a peer-to-peer (P2P) botnet known as FritzFrog has made a return with a new variant that leverages the Log4Shell vulnerability to propagate internally within an already compromised network.
“The vulnerability is exploited in a brute-force manner that attempts to target as many vulnerable Java applications as possible,” web infrastructure and security 

Related Post

Rational Astrologies and Security

John Kelsey and I wrote a short paper for the Rossfest Festschrift: “Rational Astrologies and Security“: There is another non-security

Cyber News

Outlaw Group Uses SSH Brute-Force to Deploy Cryptojacking

Cybersecurity researchers have shed light on an “auto-propagating” cryptocurrency mining botnet called Outlaw (aka Dota) that’s known for targeting SSH

Cyber News

Google Fixed Cloud Run Vulnerability Allowing Unauthorized Image

Cybersecurity researchers have disclosed details of a now-patched privilege escalation vulnerability in Google Cloud Platform (GCP) Cloud Run that could

Cyber News

Helping Your Clients Achieve NIST Compliance: A Step

Introduction As the cybersecurity landscape evolves, service providers play an increasingly vital role in safeguarding sensitive data and maintaining compliance

Cyber News

Rational Astrologies and Security

John Kelsey and I wrote a short paper for the Rossfest Festschrift: “Rational Astrologies and Security“: There is another non-security

Cyber News

Outlaw Group Uses SSH Brute-Force to Deploy Cryptojacking

Cybersecurity researchers have shed light on an “auto-propagating” cryptocurrency mining botnet called Outlaw (aka Dota) that’s known for targeting SSH

Cyber News

Google Fixed Cloud Run Vulnerability Allowing Unauthorized Image

Cybersecurity researchers have disclosed details of a now-patched privilege escalation vulnerability in Google Cloud Platform (GCP) Cloud Run that could

Cyber News

Helping Your Clients Achieve NIST Compliance: A Step

Introduction As the cybersecurity landscape evolves, service providers play an increasingly vital role in safeguarding sensitive data and maintaining compliance

Cyber News
prev
next