Log4Shell Lives!

Source: thenewstack.io

Log4Shell Lives!
It has been about a year since the security hole at the heart of the open source Java logging library https://logging.apache.org/log4j/ was revealed. Recently, the https://www.cisa.gov/ revealed not only are hackers still using Log4Shell successfully, but Iranian government agents are also using it to https://www.cisa.gov/uscert/ncas/alerts/aa22-320a. Specifically, threat actors exploited Log4Shell to get access to the organization’s unpatched https://www.vmware.com/products/horizon.html.

Over that link, they ran a Windows PowerShell command to add an exclusion rule to Windows Defender that white-listed the c:\drive.

All of this story, an all too typical tale of an automated Windows attack, started with Log4Shell.
Read Full Article On thenewstack.io
Achieve superior email deliverability with ToastMail! Our AI-driven tool warms up inboxes, monitors reputation, and ensures emails reach their intended destination. Sign up today for a spam-free future.

Related Articles

Community Partners
CrowdSec
Autonomous.ai | Best Standing Desks & Ergonomic Office Chairs

CloudWays

Shift

Become a Partner?
DevOps Careers
    • Add a Job?