Metacurity

Share this post

Threat Actor Is Using Log4Shell Vulnerability to Plant Web Shells on VMWare Horizon Servers

metacurity.substack.com

Threat Actor Is Using Log4Shell Vulnerability to Plant Web Shells on VMWare Horizon Servers

Polish leader admits country purchased Pegasus spyware, Log4Shell-like flaw afflicts H2 database consoles, FIN7 has been sending malicious USB devices, Power struggles arise in WH cyber circles, more

Cynthia Brumfield
Jan 10, 2022
∙ Paid
1
Share
Share this post

Threat Actor Is Using Log4Shell Vulnerability to Plant Web Shells on VMWare Horizon Servers

metacurity.substack.com

Check out my latest CSO column, which recaps the FTC’s warning on Log4j and highlights how another government agency, the SEC, is taking a dim view regarding failures to remediate Log4j vulnerabilities.

In the second known instance of a VMWare product targeted via the Log4Shell vulnerability, the UK National Health Service (NHS) security team said that it detected an unknown threat actor using the Log4Shell vulnerability to hack VMWare Horizon servers and plant web shells for future attacks.

VMWare issued a patch for the vulnerability, but the NHS says it is now seeing attacks trying to identify VMWare Horizon servers that haven’t been patched. The NHS released instructions on how to detect possible signs of exploitation. (Catalin Cimpanu / The Record)

Related: ZDNet Security, Bleeping Computer, The Register - Security, Security Affairs, The Hacker News, Dark Reading, Ars Technica, NHS Digital

Poland’s most powerful politician, Jaroslaw Kaczynski, the leader of the ruling conservative par…

Keep reading with a 7-day free trial

Subscribe to Metacurity to keep reading this post and get 7 days of free access to the full post archives.

Already a paid subscriber? Sign in
Previous
Next
© 2023 DCT Associates
Privacy ∙ Terms ∙ Collection notice
Start WritingGet the app
Substack is the home for great writing