APT Groups Swarming on VMware Servers with Log4Shell

Published: 23/11/2024   Category: security


CISA tells organizations running VMware servers without Log4Shell mitigations to assume compromise.



Organizations with public-facing VMware Horizon and Unified Access Gateway (UAG) servers without appropriate Log4Shell mitigations have been under a barrage of attacks from a range of attackers, including state-sponsored advanced persistent threat (APT) actors.
In fact, a new Cybersecurity and Infrastructure Agency (CISA) alert tells organizations running servers without Log4Shell updates to just assume they've been compromised and proceed with threat hunting and incident response. CISA added that in one instance, APT attackers were able to breach a disaster recovery network, move laterally, and steal sensitive data.
"If potential compromise is detected, administrators should apply the incident response recommendations included in this CSA and report key findings to CISA," the warning, issued along with the US Coast Guard Cyber Command (CGCYBER), said.
CISA also provides a list of indicators of compromise (IOC) and extensive technical details for threat hunters.