otx.alienvault.com Open in urlscan Pro
99.86.3.35  Public Scan

Form analysis
0 forms found in the DOM

Text Content

×

   
 * Browse
 * Scan Endpoints
 * Create Pulse
 * Submit Sample
 * API Integration
   
   
 * Login | Sign Up
   

All
   
 * Login | Sign Up
   
 * 
   


Share
Actions
Subscribers (173395)
Suggest Edit
Clone
Embed
Download
Report Spam



LOG4J EXPLOIT HITS AGAIN: VULNERABLE UNIFI NETWORK APPLICATION (UBIQUITI)

   
 * Created 30 minutes ago by AlienVault
 * Public
 * TLP: White

Morphisec researchers have identified Unifi Network applications being targeted
on a number of occasions. Based on prevention logs from Morphisec, the first
appearance of successful exploitation occurred on January 20, 2022. The
uniqueness of the attack is that the C2 is correlated to a previous SolarWind
attack as reported by CrowdStrike.

Reference:
https://blog.morphisec.com/log4j-exploit-targets-vulnerable-unifi-network-applications
Tags:
log4shell, unifi network, ubiquiti, ta505, cobalt strike
Adversary:
TA505
Malware Family:
Trojan:Win32/Cobaltstrike
Att&ck IDs:
T1059 - Command and Scripting Interpreter , T1095 - Non-Application Layer
Protocol

Endpoint Security
Scan your endpoints for IOCs from this Pulse!
Learn more
 * Indicators of Compromise (6)
 * Related Pulses (0)
 * Comments (0)
 * History (0)


COMMENTS

You must be logged in to leave a comment.

Refresh Comments

 * © Copyright 2022 AlienVault, Inc.
   
 * Legal
   
 * Status