Profile Image

Eric Geller

@ericgeller ↗

Deleted No
Hibernated Yes
Last Checked Nov. 18, 2022

Created

Tue Mar 08 15:16:46 +0000 2022

Likes

8

Retweets

4

Source

TweetDeck

View Raw Data

JSON Data

View on Twitter

Likely Available
Profile Image

Eric Geller @ericgeller

Mandiant says APT41 began exploiting the Log4j vulnerability "within hours" of Apache announcing it. After gaining access, "APT41 deployed a new variant of the KEYPLUG backdoor on Linux servers at multiple victims." — PolitiTweet.org

Posted March 8, 2022 Hibernated

Preceded By

Profile Image

Eric Geller @ericgeller

By default, USAHerds uses static values for the keys used to access and decrypt its data. "As a result, all installations of USAHerds shared these values." Once the hackers got them, "they were able to compromise any server on the Internet running USAHerds." — PolitiTweet.org

Posted March 8, 2022 Hibernated

Followed By

Profile Image

Eric Geller @ericgeller

APT41 continues to be a highly sophisticated adversary, Mandiant says. The report describes "extensive reconnaissance and credential harvesting," new malware dubbed "DUSTPAN" and "DEADEYE.EMBED," and the use of Cloudflare infrastructure for the exfiltration stage. — PolitiTweet.org

Posted March 8, 2022 Hibernated