Ransomware Gang Is Exploiting Log4Shell Flaw on Vulnerable VMWare Horizon Machines
CISA warns of attacks using Log4Shell flaw, Marlinspike steps down as Signal CEO, European carriers seek to block Apple's Private Relay, UK regulator seeks more resilience in cloud providers, more
Check out my latest CSO column that recaps CISA’s briefing yesterday on the Log4j vulnerability.
Microsoft says the Night Sky ransomware gang has started to exploit the Log4Shell vulnerability in the Log4j logging library to gain access to VMware Horizon systems.
The gang targets vulnerable machines exposed on the public web from domains that impersonate legitimate companies, some of them in the technology and cybersecurity sectors, including Sophos, Trend Micro, technology companies Nvidia and Rogers Corporation. Microsoft published a warning about a new campaign from a China-based actor it tracks as DEV-0401 to exploit the Log4Shell vulnerability on VMware Horizon systems exposed on the internet and deploy Night Sky ransomware. (Ionut Ilascu / Bleeping Computer)
Keep reading with a 7-day free trial
Subscribe to Metacurity to keep reading this post and get 7 days of free access to the full post archives.