
The Log4Shell vulnerability is being actively exploited to deliver backdoors and cryptocurrency miners to vulnerable VMware Horizon servers.

On Tuesday, Sophos cybersecurity researchers said the attacks were first detected in mid-January and are ongoing. Not only are backdoors and cryptocurrency miners being deployed, but scripts are also used to gather and steal device information.

Log4Shell is a critical vulnerability in the Apache Log4j Java logging library. The unauthenticated remote code execution (RCE) vulnerability was made public in December 2021 and is tracked as CVE-2021-44228 with a CVSS score of 10.0.

Researchers have warned that Log4Shell is likely to continue for years, especially considering the bug's simple exploitation. Microsoft previously detected Log4Shell attacks conducted by state-sponsored cybercriminals, but most appear to focus on cryptocurrency mining, ransomware, and bot activities.

A patch was released in December 2021, but as is often the case with internet-facing servers, many systems have not been updated.

According to Sophos, the latest Log4Shell attacks target unpatched VMware Horizon servers with three different backdoors and four cryptocurrency miners. The attackers behind the campaign are leveraging the bug to obtain access to vulnerable servers.

