APT groups continue to use Log4Shell in VMware products


APT teams continue to target organizations that have not patched the Log4Shell vulnerability in VMware products, installing malware and web shells to maintain persistence and, in some cases, gaining access to test networks and disaster recovery systems.

The Log4Shell vulnerability in the Apache Log4j tool was first disclosed in December, and the number of affected vendors is quite large. Many vendors, including VMware, released updates within days of disclosure, but given the scale of the problem and the number of vendors affected, defenders had a lot of work to do to identify affected systems, prioritize them, and then roll out patches where they could. APT teams and opportunistic attackers began exploiting the flaw, which allows remote code execution, immediately after public disclosure, and exploitation has continued in the months since.

On Thursday, the Cybersecurity and Infrastructure Security Agency released a…
