This does not mean that everyone will suffer some kind of attack, but it is certainly an event that makes it much easier to do so by threat actors.
Malware has a new opportunity to try to infiltrate almost anywhere it wants to. Thanks to this easily accessible framework that companies have been using, hackers have an opportunity to enter the digital space to steal or plant information. The same goes for other IT giants like IBM, Oracle, and Salesforce, as well as thousands of Internet-connected devices like televisions and security cameras. Cloud storage companies like Google, Amazon, and Microsoft, which are the digital hotline for millions of other applications, have been hit hard. Log4j is a logging framework for java applications and has been an integral part of many programs since the mid-1990s. In a statement to ZDNet, VMware said they are continuing to urge customers to apply the latest guidance found in their security advisory, VMSA-2021-0028, in order to resolve vulnerabilities CVE-2021-44228 and CVE-2021-4504.
Since then, several cybersecurity companies have confirmed that hackers are continuing to target VMware Horizon servers. Two weeks ago, the UK’s National Health Service (NHS) issued a warning that an ‘unknown threat group’ is attempting to exploit a Log4j vulnerability ( CVE-2021-44228) in VMware Horizon servers to establish web shells that could be used to distribute malware and ransomware, steal sensitive information, and complete other malicious attacks. VMware is rushing to convince customers to apply the latest security guidance.Īccording to several cybersecurity companies monitoring the situation, attackers are still targeting VMware Horizon servers through Log4J vulnerabilities.
0 kommentar(er)
