US President Joe Biden will take part in a virtual meeting with Chinese President Xi Jinping on November 15, 2021. CrowdStrike announced today that it has discovered a China-affiliated spy group attempting to exploit the Log4j vulnerability in VMware’s Horizon Tomcat web server service. (Photo by Alex Wong / Getty Images)

CrowdStrike reported Wednesday that it has discovered a China-affiliated spy group tracking it as the Aquatic Panda attempting to exploit the Log4j vulnerability in VMware’s Horizon Tomcat web server service.

The company’s threat investigation agency, Falcon OverWatch, claims it identified and denied an attempted Log4j violation at an unnamed academic institution.

“While we cannot directly say that this particular vulnerability is being used more widely by spy actors, its usefulness as an access method has already been established,” said Param Singh, CrowdStrikes vice president of Falcon OverWatch in an email.

VMware initially released guides and workarounds for various Horizon components …



Source link

Leave a Reply