meta_pixel
Tapesearch Logo
Log in
CyberWire Daily

1700 IPs and counting. [Research Saturday]

CyberWire Daily

N2K Networks, Inc.

Tech News, Daily News, News, Technology

4.81.1K Ratings

🗓️ 1 June 2024

⏱️ 17 minutes

🔗️ Recording | iTunes | RSS

🧾️ Download transcript

Summary

Amit Malik, Director of Threat Research at Uptycs, is sharing their work on "New Threat Detected: Inside Our Discovery of the Log4j Campaign and Its XMRig Malware." The Uptycs Threat Research Team has discovered a large-scale Log4j campaign involving over 1700 IPs, aiming to deploy XMRig cryptominer malware. This ongoing operation was initially detected through the team's honeypot collection, prompting an in-depth analysis of the campaign. The research says "The JNDI plugin is particularly useful to attackers because it allows them not only to fetch the values of environment variables in the target system but also to freely define the URL and protocol resource for the JNDI network connection." The research can be found here: New Threat Detected: Inside Our Discovery of the Log4j Campaign and Its XMRig Malware Learn more about your ad choices. Visit megaphone.fm/adchoices

Transcript

Click on a timestamp to play from that location

0:00.0

You're listening to the CyberWire Network, powered by N2K.

0:07.0

In the dynamic world of enterprise security, identity architects and IT leaders face a major challenge.

0:18.0

Growth by repeated acquisitions multiplies the complexity of everything.

0:23.0

Multiple IDPs, MFA providers, policy engines that all need to coexist.

0:29.0

This can lead to fragmented user identities and policies that create security vulnerabilities and add access friction.

0:36.0

Strata identity solves this. Now you can decommission unneeded IDPs and consolidate the ones you'd like to keep without

0:44.7

rewriting apps or disrupting users engineers and app owners. Plus Strata's

0:50.2

modular architecture makes it easy to integrate with any identity provider without

0:55.1

manual maintenance and coding.

0:57.8

Join the ranks of cybersecurity leaders using identity orchestration.

1:02.0

Visit strata. I.io slash cyberwire, share your top identity security

1:07.0

priorities and receive a pair of complementary AirPods Pro.

1:11.9

Offer valid for organizations with over 5,000 employees.

1:15.0

Step into a new era of identity management at strata.io slash cyberwire. Hello everyone and welcome to the CyberWire's research Saturday.

1:37.0

I'm Dave Bitner and this is our weekly conversation with researchers and analysts

1:42.0

tracking down the threats and vulnerabilities,

1:45.0

solving some of the hard problems and protecting ourselves in a rapidly evolving cyberspace.

1:50.0

Thanks for joining us. Log for joining us. Log for a day.

1:55.0

Log for a very widely used application and it came into the light in December 2021 because there was a

2:06.8

zero day exploit that was available for this application.

2:11.6

That's Amid Malik, Director of threat research at upticks.

2:15.0

The research we're discussing today is titled New Threat

...

Please login to see the full transcript.

Disclaimer: The podcast and artwork embedded on this page are from N2K Networks, Inc., and are the property of its owner and not affiliated with or endorsed by Tapesearch.

Generated transcripts are the property of N2K Networks, Inc. and are distributed freely under the Fair Use doctrine. Transcripts generated by Tapesearch are not guaranteed to be accurate.

Copyright © Tapesearch 2026.