Malicious Cyber Actors Continue to Exploit Log4Shell in VMware Horizon Systems

23 June 2022

CISA and the United States Coast Guard Cyber Command (CGCYBER) have released a joint Cybersecurity Advisory (CSA) to warn network defenders that cyber threat actors, including state-sponsored advanced persistent threat (APT) actors, have continued to exploit CVE-2021-44228 (Log4Shell) in VMware Horizon® and Unified Access Gateway (UAG) servers to obtain initial access to organizations that did not apply available patches. The CSA provides information—including tactics, techniques, and procedures and indicators of compromise—derived from two related incident response engagements and malware analysis of samples discovered on the victims’ networks.

Read full article on US-CERT

Date:

23 June 2022

Categorie(s):

NEWS

Tag(s):

Actors, Cyber, Log4Shell, Malicious, Security Pro

LSA Whisperer: Open-source tools for interacting with authentication packages26 April 2024
What AI can tell organizations about their M&A risk26 April 2024
Breaking down the numbers: Cybersecurity funding activity recap26 April 2024
New infosec products of the week: April 26, 202426 April 2024
OpenAI’s GPT-4 Can Autonomously Exploit 87% of One-Day Vulnerabilities, Study Finds26 April 2024