In other words, some outfits don’t necessarily know if they’re vulnerable. Log4Shell has been a nightmare for organizations to hunt down and remediate, given that the flaw affected hundreds of software products, “making it difficult for some organizations to assess their exposure,” noted Sophos researchers Gabor Szappanos and Sean Gallagher in Tuesday’s report.

With millions of Log4j-targeted attacks clocking in per hour since the flaw’s discovery, within just a few weeks, there was a record-breaking peak of 925 cyberattacks per week per organization, globally, as Check Point Research (CPR) reported in early January.

Sophos’s findings about VMware Horizon servers being besieged by threat actors leveraging the bug are in keeping with what’s been happening since then: In fact, cyberattacks increased 50 percent YoY in 2021, peaking in December, due to a frenzy of Log4j exploits. The Log4j flaw was discovered in December, vigorously attacked within hours of its discovery and subsequently dubbed Log4Shell.

On Tuesday, Sophos reported that the remote code execution (RCE) Log4j vulnerability in the ubiquitous Java logging library is under active attack, “particularly among cryptocurrency mining bots.” Besides cryptominers, attackers are also prying open Log4Shell to deliver backdoors that Sophos believes are initial access brokers (IABs) that could lay the groundwork for later ransomware infections. What researchers are calling a “horde” of miner bots and backdoors are using the Log4Shell bug to take over vulnerable VMware Horizon servers, with threat actors still actively waging some attacks.