Log4j and Livestock Apps: APT41 Wages Persistent Cyberattack Campaign on US Government
The group's attack methods have included exploits for a zero-day vulnerability in a livestock-tracking apps as well as for the Apache Log4 flaw.
A 0-Day is a software vulnerability without an available fix, creating risk because defenders have limited time to mitigate exploitation.
Search across headline titles and summaries.
Background for this topic.
0-Day describes a software vulnerability unknown to the software maker or unpatched when first exploited. Attackers can use these flaws immediately, as no official fix or signature exists to block the exploit. Such vulnerabilities often affect widely deployed software or hardware, making them valuable for targeted attacks or widespread campaigns.
Because defenders lack patches or reliable detection signatures initially, they must rely on anomaly detection, network monitoring, and threat intelligence to identify suspicious activity linked to 0-day exploits. Rapid patching once a fix is released is critical to reduce exposure. Tracking emerging 0-day threats helps prioritize defensive measures and informs risk management decisions in environments where unpatched vulnerabilities pose significant security risks.
The group's attack methods have included exploits for a zero-day vulnerability in a livestock-tracking apps as well as for the Apache Log4 flaw.
The China-affiliated state-sponsored threat actor used Log4j and zero-day bugs in the USAHerds animal-tracking software to hack into multiple government networks.
Microsoft on Tuesday released software updates to plug at least 70 security holes in its Windows operating systems and related software. For the second month running, there are no scary zero-day threats looming for Windows users (that we know of), and relatively few "critical" fixes. And yet we know from experience that attackers are already trying to work out how to turn these patches into a roadmap for exploiting the flaws they fix. Here's a look at the security weaknesses Microsoft says are most likely to be targeted first.
Critical zero-day vulns spotted in popular Schneider kit If you're managing a smart model from ubiquitous uninterrupted power supply (UPS) device brand APC, you need to apply updates now – a set of three critical zero-day vulnerabilities are making Smart-UPS devices a possible entry point for network infiltration.…
APT41, the state-sponsored threat actor affiliated with China, breached at least six U.S. state government networks between May 2021 and February 2022 by retooling its attack vectors to take advantage of vulnerable internet-facing web applications
A set of three critical zero-day vulnerabilities now tracked as TLStorm could let hackers take control of uninterruptible power supply (UPS) devices from APC, a subsidiary of Schneider Electric. [...]
The computing giant patched 71 security vulnerabilities in an uncharacteristically light scheduled update, including its first Xbox bug.
Today is Microsoft's March 2022 Patch Tuesday, and with it comes fixes for three zero-day vulnerabilities and a total of 71 flaws. [...]
The Cybersecurity and Infrastructure Security Agency (CISA) has ordered federal civilian agencies to patch two critical Firefox security vulnerabilities exploited in attacks within the next two weeks. [...]
Both vulnerabilities are use-after-free issues in Mozilla's popular web browser.
Mozilla has pushed out-of-band software updates to its Firefox web browser to contain two high-impact security vulnerabilities, both of which it says are being actively exploited in the wild
Mozilla has released Firefox 97.0.2, Firefox ESR 91.6.1, Firefox for Android 97.3.0, and Focus 97.3.0 to fix two critical zero-day vulnerabilities actively exploited in attacks. [...]