A federal agency server was compromised by a suspected Iranian advanced persistent threat (APT) group via the Log4j vulnerability. The threat actors breached a VMware Horizon server, installed cryptomining software, accessed domain control, compromised credentials, and installed a reverse proxy service. The Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation urged affected organizations to assume compromise and initiate threat hunting activities.
![](https://healsecurity.com/wp-content/uploads/2024/07/group-ibs-threat-intelligence-and-defence-centre-equip-undergraduates-with-sophisticated.jpg)
Group-IB’s Threat Intelligence and Defence Centre Equip Undergraduates with Sophisticated Cybersecurity Technologies to Boost Threat Analysis and Enhance Cyber Resilience for Campus Start-ups
Hey there from the heart of the San Francisco Bay Area! It’s an absolute pleasure to have you back again for our chat on some