The most leveraged exploits against vulnerabilities were against the F5 BIG-IP firewall component, as well as looking at some of the VMware Workspace Access and Identity Manager appliances. The key here to remember is that even if you don't have something that is compatible with Log4j that maybe has remained unpatched, perimeter devices pose a significant threat because of where it is placed within your environment. And again, I know how we saw them use it over and over again was maintaining persistence there to come back into an organization and conduct wiper malware attacks.
Mandiant's Kirstie Failey and Jake Nicastro join host Luke McNamara to break down the findings from the 2023 M-Trends report. Kirstie and Jake cover some of the notable trends gleaned from Mandiant breach investigations over the past year around dwell time, ransomware, top initial intrusion vectors, and more.
For more on Mandiant's 14th iteration of M-Trends, check out: https://www.mandiant.com/resources/blog/m-trends-2023
Follow Kirstie (@Gigs_Security) and Jake (@nicastronaut) on Twitter.