VASTO is a collection of Metasploit modules meant to be used as a testing tool to perform penetration tests or security audits of virtualization solutions.

The attack was discovered and parried by CrowdStrike’s Overwatch threat-hunting specialists. According to CrowdStrike, China-based hackers launched an attack on an unspecified academic institution using a Log4j vulnerability. The vulnerability lay in a VMware Horizon instance used by the institution in question.

'Attempts to compromise Horizon servers are among the more targeted exploits of Log4Shell vulnerabilities because of their nature,' the researchers wrote. As part of this exploitation, suspected APT actors implanted loader malware on compromised systems with embedded executables enabling remote command and control (C2).

The security team at the UK National Health Service (NHS) announced that it had spotted threat actors exploiting the Log4Shell vulnerability to hack VMware Horizon servers and install web shells.

Lazarus, also tracked as Hidden Cobra and APT38, is known for stealing hundreds of millions in cryptocurrency from crypto firms.

Since December 2021, multiple threat actor groups have exploited Log4Shell on unpatched, public-facing VMware Horizon and UAG servers.
A threat actor attempted to exploit the Log4Shell vulnerability to hack VMware Horizon servers at UK NHS and deploy web shells.

'VMware has pushed out patched versions of Horizon as of March 8 2022, but many organizations may still not have deployed the fixed versions or applied workarounds to vulnerable ones.'

The US Treasury sanctioned Lazarus in 2019 for crypto and banking system heists that it said helped raise revenues to fund North Korea's nuclear weapons and ballistic missile programs.

Organizations should have patched this flaw months ago.

VMware Horizon servers are under active exploit by Iranian state hackers

February 18, 2022: Hackers aligned with the government of Iran are exploiting the critical Log4j vulnerability to infect unpatched VMware users with ransomware, researchers said on Thursday. The Cybersecurity and Infrastructure Security Agency (CISA) in September warned organizations to patch VMware Horizon's Log4Shell flaws, some nine months after VMware released its Log4Shell patches for Horizon servers. Security firm SentinelOne has dubbed the group TunnelVision.

Hackers at Iran's Ministry of Intelligence and Security (MOIS), who are tracked as MuddyWater, have also recently been using Log4Shell to compromise organizations in Israel, but via unpatched server software from an Israeli vendor that includes Log4j, according to Microsoft.