Log4Shell vulnerabilities in VMware Horizon were exploited to create web shells in January 2022, less than a month after the vendor issued security updates following initial Log4j vulnerability disclosures. This article has been indexed from The Hacker News. A 'potentially destructive actor' aligned with the government of Iran is actively exploiting the well-known Log4j vulnerability to infect unpatched VMware Horizon servers with ransomware. Days later, threat actors were installing Cobalt Strike implants in multiple VMware Horizon servers. The vulnerability, dubbed PrintNightmare and tracked as CVE-2021-34527, is located in the Windows Print Spooler service, and the public exploits available for it are being improved. Threat actors are actively targeting and exploiting the Log4Shell vulnerabilities in VMware Horizon servers to establish web shells. Lazarus, also tracked as Hidden Cobra and APT38, is known for stealing hundreds of millions in cryptocurrency from crypto firms. The US Treasury sanctioned Lazarus in 2019 for crypto and banking system heists that it said helped raise revenues to fund North Korea's nuclear weapons and ballistic missile programs. Organizations should have patched this flaw months ago. The exploit used in this attack was initially published on GitHub on December 13. The Cybersecurity and Infrastructure Security Agency (CISA) in September warned organizations to patch VMware Horizon's Log4Shell flaws, some nine months after VMware released its Log4Shell patches for Horizon servers. VMware's Horizon virtualization platform has become an ongoing target of attackers exploiting the high-profile Log4j flaw to install backdoors and cryptomining malware.
Hackers at Iran's Ministry of Intelligence and Security (MOIS), who are tracked as MuddyWater, have also recently been using Log4Shell to compromise organizations in Israel, but via unpatched server software from an Israeli vendor that includes Log4j, according to Microsoft.