Apache ActiveMQ Exploit Leads to LockBit Ransomware - The DFIR Report

thedfirreport.com

Apache ActiveMQ Exploit Leads to LockBit Ransomware - The DFIR Report

thedfirreport.com

digicatM to

blueteamsecEnglish · 6 days ago

Key Takeaways An audio version of this report can be found on Spotify, Apple, YouTube, Audible, & Amazon. This intrusion began in mid-February 2024 after a threat actor exploited a vulnerability (CVE-2023-46604) on an exposed Apache ActiveMQ server. The threat actor was able to perform remote code execution (RCE) by using a Java Spring class and a custom Java Spring […]

You must log in or # to comment.

Chat

blueteamsec

Create a post

You are not logged in. However you can subscribe from another Fediverse account, for example Lemmy or Mastodon. To do this, paste the following into the search field of your instance: !blueteamsec@infosec.pub

For [Blue|Purple] Teams in Cyber Defence - covering discovery, detection, response, threat intelligence, malware, offensive tradecraft and tooling, deception, reverse engineering etc.

Visibility: Public

This community can be federated to other instances and be posted/commented in by their users.

30 users / day
138 users / week
367 users / month
956 users / 6 months
228 local subscribers
648 subscribers
2.55K Posts
203 Comments
Modlog

mods:
digicat