“TunnelVision attackers have been actively exploiting the vulnerability to run malicious PowerShell commands, deploy backdoors, create backdoor users, harvest credentials, and perform lateral movement,” company researchers Amitai Ben Shushan Ehrlich and Yair Rigevsky wrote in a post. The SentinelOne research shows that the targeting continues and that this time the target is organizations running VMware Horizon, a desktop and app virtualization product that runs on Windows, macOS, and Linux. The bug bit the Internet’s biggest players and was widely targeted in the wild after it became known.
CVE-2021-44228 (or Log4Shell, as the vulnerability is tracked or nicknamed) allows attackers to easily gain remote control over computers running apps in the Java programming language.
Further Reading Hackers backed by Iran are targeting US critical infrastructure, US warnsRecently, SentinelOne reported, TunnelVision has started exploiting a critical vulnerability in Log4j, an open source logging utility that’s integrated into thousands of apps.
0 kommentar(er)
