"CISA: Log4Shell Exploits Still Being Used to Hack VMware Servers"

The US Homeland Security Department's Cybersecurity and Infrastructure Security Agency (CISA) has issued a warning pertaining to threat actors, including state-backed hacking groups, using the Log4Shell Remote Code Execution (RCE) vulnerability to hack VMware Horizon and Unified Access Gateway (UAG) servers. Attackers can remotely exploit Log4Shell on vulnerable servers that are exposed to local or Internet access in order to move laterally across networks until they gain access to internal systems containing sensitive data. Following the disclosure of the Log4Shell flaw in December 2021, multiple threat actors, including state-backed hacking groups from China, Iran, North Korea, and Turkey, as well as several access brokers commonly used by ransomware gangs, began scanning for and exploiting unpatched systems. This article continues to discuss CISA's warning regarding the exploitation of the Log4Shell RCE vulnerability to hack VMware servers. 

Bleeping Computer reports "CISA: Log4Shell Exploits Still Being Used to Hack VMware Servers"