![]() Hackers at Iran's Ministry of Intelligence and Security (MOIS), which are tracked as MuddyWater, have also recently been using Log4Shell to compromise organizations in Israel but via unpatched server software from an Israeli vendor that includes Log4J, according to Microsoft. Security firm SentinelOne has dubbed the group TunnelVision. The Cybersecurity and Infrastructure Security Agency (CISA) in September warned organizations to patch VMware Horizon's Log4Shell flaws, some nine months after VMware released its Log4Shell patches for Horizon servers. VMware Horizon servers are under active exploit by Iranian state hackers 0 February 18, 2022: Hackers aligned with the government of Iran are exploiting the critical Log4j vulnerability to infect unpatched VMware users with ransomware, researchers said on Thursday. ![]() Organizations should have patched this flaw months ago. ![]() The US Treasury sanctioned Lazarus in 2019 for crypto and banking system heists that it said helped raise revenues to fund North Korea's nuclear weapons and ballistic missile programs. ![]() 'VMware has pushed out patched versions of Horizon as of March 8 2022, but many organizations may still not have deployed the fixed versions or applied workarounds to vulnerable ones. Lazarus, also tracked as Hidden Cobra and APT38, is known for stealing hundreds of millions in cryptocurrency from crypto firms. 'Attempts to compromise Horizon servers are among the more targeted exploits of Log4Shell vulnerabilities because of their nature,' the researchers wrote. The vulnerability lay in a VMware Horizon instance used by the institution in question. According to CrowdStrike, China-based hackers launched an attack on an unspecified academic institution using a Log4j vulnerability. Scared of the dark? You won't be if you get one of our favorite flashlights The attack was discovered and parried by CrowdStrike’s Overwatch threat-hunting specialists. VASTO collection of Metasploit modules meant to be used as a testing tool to perform penetration tests or security audit of virtualization solutions. ![]() How to convert your home's old TV cabling into powerful Ethernet lines This company successfully switched to a four-day workweek. This tech CEO fired two engineers for having second full-time jobs, warns they're part of a new trend Interested in VMware Horizon servers are under active exploit by Iranian state hackers Click here to find out TNN offers IT, Phone, and Copier Service and Support for California Businesses. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |