An up-to-the-minute summary of major Log4Shell incidents and mitigation activities – as reported by governmental agencies from around the world since the inception of the threat in December 2021.
In June of last year, Cox Media Group (CMG) IT systems and live streams were the targets of a ransomware attack. The Microsoft Threat Intelligence Center (MSTIC) has attributed the attack to an Iranian threat actor, codenamed DEV-0270, a group linked to multiple intrusions of US companies. The attack is part of larger trends in Iranian hacker activity globally identified by the MSTIC. This attribution is also one of many Log4Shell vulnerability headlines of the last three weeks, as DEV-0270 (also known as Phosphorus) exploited Log4Shell in Log4j for initial access to the CMG systems.