In attacks that took place last year, the RansomExx gang was seen gaining access to a device on a corporate network and abusing this initial entry point to attack local ESXi instances and encrypt their virtual hard disks. These disks store data from across virtual machines, and because ESXi virtual disks are usually used to centralize data from multiple other systems, encrypting them caused massive disruptions to companies. The vulnerabilities allow an attacker on the same network to send malicious SLP requests to an ESXi device and take control of it, even if the attacker has not managed to compromise the VMware vCenter server to which the ESXi instances usually report.

An Iranian-aligned hacking group tracked as TunnelVision was spotted exploiting Log4j on VMware Horizon servers to breach corporate networks in the Middle. In a report this week, cybersecurity firm Sophos wrote that VMware's virtual desktop and applications platform has been in the crosshairs since. The National Health Service (NHS) has raised the alarm on active exploitation of Log4Shell vulnerabilities in unpatched VMware Horizon servers by an unknown threat actor to drop malicious web shells and establish persistence on affected networks for follow-on attacks. VMware Horizon servers are under active exploit by Iranian state hackers. February 18, 2022: Hackers aligned with the. VMware's Horizon virtualization platform has become an ongoing target of attackers exploiting the high-profile Log4j flaw to install backdoors and cryptomining malware.

According to multiple security researchers who spoke with ZDNet, evidence suggests the attackers used CVE-2019-5544 and CVE-2020-3992, two vulnerabilities in VMware ESXi, a hypervisor solution that allows multiple virtual machines to share the same hard drive storage. Both bugs impact the Service Location Protocol (SLP), a protocol used by devices on the same network to discover each other, which is also included with ESXi.

The Cybersecurity and Infrastructure Security Agency (CISA) in September warned organizations to patch VMware Horizon's Log4Shell flaws, some nine months after VMware released its Log4Shell patches for Horizon servers.