Malicious #Cyber Actors Continue to Exploit #Log4Shell in #VMware #Horizon Systems

Read Time54 Second

Cybersecurity and Infrastructure Security Agency (CISA) - Defend Today, Secure Tomorrow

06/23/2022 02:00 PM EDT

 

Original release date: June 23, 2022
CISA and the United States Coast Guard Cyber Command (CGCYBER) have released a joint Cybersecurity Advisory (CSA) to warn network defenders that cyber threat actors, including state-sponsored advanced persistent threat (APT) actors, have continued to exploit CVE-2021-44228 (Log4Shell) in VMware Horizon® and Unified Access Gateway (UAG) servers to obtain initial access to organizations that did not apply available patches. The CSA provides information—including tactics, techniques, and procedures and indicators of compromise—derived from two related incident response engagements and malware analysis of samples discovered on the victims’ networks.

CISA and CGCYBER encourage users and administrators to update all affected VMware Horizon and UAG systems to the latest versions. If updates or workarounds were not promptly applied following VMware’s release of updates for Log4Shell, treat all affected VMware systems as compromised. See joint CSA Malicious Cyber Actors Continue to Exploit Log4Shell in VMware Horizon Systems for more information and additional recommendations.

About Post Author

Robert Williams

News247WorldPress is a UK News Agency. The Agency was founded in August 2014 by Robert Williams and L. J. Rothschild. As an international news agency we cover all the important top news of the day in text, pictures and graphics in many languages: German, English, Romanian and more...

This site uses Akismet to reduce spam. Learn how your comment data is processed.