An Iran-linked Mercury APT group exploited the Log4Shell vulnerability in SysAid applications for initial access to the targeted organizations. The Log4Shell flaw (CVE-2021-44228) made the headlines in December after Chinese security researcher p0rz9 publicly disclosed a Proof-of-concept exploit for the critical remote code execution zero-day vulnerability (aka Log4Shell) that affects the Apache Log4j Java-based logging library. The flaw can be exploited […]
The post Iran-linked Mercury APT exploited Log4Shell in SysAid Apps for initial access appeared first on Security Affairs.
This article has been indexed from Security Affairs
Read the original article: