Iran-Based MuddyWater Targets Log4j 2 Vulnerabilities in SysAid Apps in Israel

Iran-associated hacker group MuddyWater, known as MERCURY, has been exploiting Log4j 2 vulnerabilities in SysAid apps to target organizations in Israel, according to Microsoft. The fresh campaign marks the first time MERCURY has used SysAid applications for initial access. The group maintains persistence after gaining access and uses tools for hacking. Microsoft has informed customers that were targeted and has recommended investigations and protections to ward off further attacks.