Apache ActiveMQ Exploit Leads to LockBit Ransomware - The DFIR Report

hackerworkspace@infosec.exchange

Apache ActiveMQ Exploit Leads to LockBit Ransomware - The DFIR Report

Apache ActiveMQ Exploit Leads to LockBit Ransomware - The DFIR Report

Key Takeaways An audio version of this report can be found on Spotify, Apple, YouTube, Audible, & Amazon.  This intrusion began in mid-February 2024 after a threat actor exploited a vulnerability (CVE-2023-46604) on an exposed Apache ActiveMQ server. The threat actor was able to perform remote code execution (RCE) by using a Java Spring class and a custom Java Spring […]

The DFIR Report (thedfirreport.com)

Read on HackerWorkspace: https://hackerworkspace.com/article/apache-activemq-exploit-leads-to-lockbit-ransomware-the-dfir-report

#ransomware #malware #vulnerability