The findings should prompt organizations to adopt self-training machine learning models to identify exploitation of software vulnerabilities, according to Gurucul founder and CEO Saryu Nayyar. Researchers have found three backdoors and four miners in attacks exploiting the Log4Shell vulnerability; some of those attacks are still ongoing. The Log4j vulnerability continues to be exploited by threat actors and. Two different reverse shell types have also been deployed by the threat actors. New ransomware leveraging the Log4j vulnerability identified in VMware Horizon servers. Attackers have also deployed Sliver implants, as well as the legitimate tools Atera and Splashtop Streamer, as backdoor payloads. Researchers discovered that miners deployed on Horizon servers included the z0Miner and JavaX miner, as well as the Mimu and Jin variants of the XMRig commercial cryptominer. "Attempts to compromise Horizon servers are among the more targeted exploits of Log4Shell vulnerabilities because of their nature," said Sophos, which noted that the peak of Log4j attacks targeting Horizon has been ongoing since it began on Jan. While VMware has already issued fixes to address the flaw in Horizon servers, many organizations may still not have applied the newer versions or the provided remediations, a Sophos report revealed. The Log4Shell vulnerability is being actively exploited to deliver backdoors and cryptocurrency miners to vulnerable VMware Horizon servers. Malicious actors have been exploiting the widespread Log4Shell vulnerability to infect vulnerable VMware Horizon servers with backdoors and miners, reports Threatpost.