Eric Geller

@ericgeller ↗

Deleted No

Hibernated Yes

Last Checked Nov. 18, 2022

Created

Tue Mar 08 15:14:40 +0000 2022

Likes

Retweets

Source

TweetDeck

View Raw Data

JSON Data

View on Twitter

Likely Available

Eric Geller @ericgeller

By default, USAHerds uses static values for the keys used to access and decrypt its data. "As a result, all installations of USAHerds shared these values." Once the hackers got them, "they were able to compromise any server on the Internet running USAHerds." — PolitiTweet.org

Posted March 8, 2022 Hibernated

Preceded By

Eric Geller @ericgeller

@Mandiant Mandiant kicked the hackers out of one state government network after detecting a SQL injection attack, but two weeks later APT41 returned by exploiting a previously unseen zero-day vulnerability in animal disease control software USAHerds. — PolitiTweet.org

Posted March 8, 2022 Hibernated

Followed By

Eric Geller @ericgeller

Mandiant says APT41 began exploiting the Log4j vulnerability "within hours" of Apache announcing it. After gaining access, "APT41 deployed a new variant of the KEYPLUG backdoor on Linux servers at multiple victims." — PolitiTweet.org

Posted March 8, 2022 Hibernated