The US Cybersecurity and Infrastructure Security Agency (CISA) has been investigating attacks exploiting the Log4Shell vulnerability in third-party products like VMware Horizon and Unified Access Gateway (UAG). The agency published indicators of compromise (IOCs) collected from incidents it investigated as recently as June, highlighting the long-lasting impact of this vulnerability that’s over six months old.
“From May through June 2022, CISA provided remote incident support at an organization where CISA observed suspected Log4Shell PowerShell downloads,” the agency said in a report this week. “During remote support, CISA confirmed the organization was compromised by malicious cyber actors who exploited Log4Shell in a VMware Horizon server that did not have patches or workarounds applied.”
More Stories
Friday Squid Blogging: Squid Sticker
A sticker for your water bottle. Blog moderation policy. Read More
Italy’s Data Protection Watchdog Issues €15m Fine to OpenAI Over ChatGPT Probe
OpenAI must also initiate a six-month public awareness campaign across Italian media, explaining how it processes personal data for AI...
Ukraine’s Security Service Probes GRU-Linked Cyber-Attack on State Registers
The Security Service of Ukraine has accused Russian-linked actors of perpetrating a cyber-attack against the state registers of Ukraine Read...
LockBit Admins Tease a New Ransomware Version
The LockBitSupp persona said LockBit 4.0 will be launched in February 2025 Read More
Webcams and DVRs Vulnerable to HiatusRAT, FBI Warns
The FBI has issued a warning about the Hiatus RAT malware targeting Xiongmai and Hikvision web cameras and DVRs, urging...
CISA Urges Encrypted Messaging After Salt Typhoon Hack
The US Cybersecurity and Infrastructure Security Agency recommended users turn on phishing-resistant MFA and switch to Signal-like apps for messaging...