3 matches found
Lazarus Group Using Log4j Exploits to Deploy Remote Access Trojans
The notorious North Korea-linked threat actor known as the Lazarus Group has been attributed to a new global campaign that involves the opportunistic exploitation of security flaws in Log4j to deploy previously undocumented remote access trojans RATs on compromised hosts. Cisco Talos is tracking...
Log4JShell Used to Swarm VMware Servers with Miners, Backdoors
What researchers are calling a “horde” of miner bots and backdoors are using the Log4Shell bug to take over vulnerable VMware Horizon servers, with threat actors still actively waging some attacks. On Tuesday, Sophos reported that the remote code execution RCE Log4j vulnerability in the ubiquitou...
Initial Access Broker Involved in Log4Shell Attacks Against VMware Horizon Servers
An initial access broker group tracked as Prophet Spider has been linked to a set of malicious activities that exploits the Log4Shell vulnerability in unpatched VMware Horizon Servers. According to new research published by BlackBerry Research & Intelligence and Incident Response IR teams today,...