otx.alienvault.com
Open in
urlscan Pro
99.86.3.35
Public Scan
URL:
https://otx.alienvault.com/pulse/61f80e6ba4f4889784b007e0/edit?utm_userid=swimlanecyou&utm_content=email&utm_campaign=new_p...
Submission: On January 31 via api from US — Scanned from DE
Submission: On January 31 via api from US — Scanned from DE
Form analysis
0 forms found in the DOMText Content
× * Browse * Scan Endpoints * Create Pulse * Submit Sample * API Integration * Login | Sign Up All * Login | Sign Up * Share Actions Subscribers (173395) Suggest Edit Clone Embed Download Report Spam LOG4J EXPLOIT HITS AGAIN: VULNERABLE UNIFI NETWORK APPLICATION (UBIQUITI) * Created 30 minutes ago by AlienVault * Public * TLP: White Morphisec researchers have identified Unifi Network applications being targeted on a number of occasions. Based on prevention logs from Morphisec, the first appearance of successful exploitation occurred on January 20, 2022. The uniqueness of the attack is that the C2 is correlated to a previous SolarWind attack as reported by CrowdStrike. Reference: https://blog.morphisec.com/log4j-exploit-targets-vulnerable-unifi-network-applications Tags: log4shell, unifi network, ubiquiti, ta505, cobalt strike Adversary: TA505 Malware Family: Trojan:Win32/Cobaltstrike Att&ck IDs: T1059 - Command and Scripting Interpreter , T1095 - Non-Application Layer Protocol Endpoint Security Scan your endpoints for IOCs from this Pulse! Learn more * Indicators of Compromise (6) * Related Pulses (0) * Comments (0) * History (0) COMMENTS You must be logged in to leave a comment. Refresh Comments * © Copyright 2022 AlienVault, Inc. * Legal * Status