07 Jul 2022

CISA and Coast Guard Cyber Command Warn of Ongoing Log4Shell Attacks

The recent joint Cybersecurity Advisory (CSA) – released in late June – by the Cybersecurity and Infrastructure Security Agency (CISA) and the United States Coast Guard Cyber Command (CGCYBER) warns ” network defenders that cyber threat actors, including state-sponsored advanced persistent threat (APT) actors, have continued to exploit Log4Shell…to obtain initial access to organizations that did not apply available patches or workarounds.”

This CISA/CGCYBER collaboration caught our eye and we analyze how it compares to previous joint CSAs and is differentiated by CGCYBER’s unique brand of intelligence. This joint CSA also provided a context for an OODA Loop update on the ongoing Log4Shell threat of attacks and further evidence of the success of the CISA JCDC (as VMware and Secureworks are direct contributors to this joint CSA).

Read More