In a joint advisory, the Cybersecurity and Infrastructure Security Agency (CISA) and Coast Guard Cyber Command (CGCYBER) warn that threat actors are exploiting the Log4Shell flaw to compromise public-facing VMware Unified Access Gateway (UAG) and Horizon servers.
Threat actors are increasing their attacks against VMware servers that still have the unpatched Log4Shell vulnerability, according to CISA. Administrators use the VMware Horizon as a platform to run and deliver virtual desktops and apps in a hybrid cloud, and UAG offers safe access to network resources.
As per the CISA, the Advance Persistent Threat (APT) actor compromises the victim’s internal network in one instance, obtains a disaster recovery network, and steals critical data.
Read More: https://threatpost.com/log4shell-targeted-vmware-data/180072/