MuddyWater targets Israeli organizations by exploiting unpatched log4j vulnerabilities
MuddyWater targets Israeli organizations by exploiting unpatched log4j vulnerabilities
Threat Level
Attack Report
For a detailed threat advisory, download the pdf file here
Summary
MuddyWater, an Iranian threat actor, exploits Log4j two vulnerabilities in SysAid applications to target Israeli organizations. As soon as the attacker gains access to the targeted organization, it establishes persistence, dumps credentials, and moves laterally within the organization using both custom and well-known hacking tools and operating system tools.