Tag Archives: log4shell

VMware Horizon servers are under active exploit by Iranian state hackers

reader comments 10 with 9 posters participating, including story author Share this story Hackers aligned with the government of Iran are exploiting the critical Log4j vulnerability to infect unpatched VMware users with ransomware, researchers said on Thursday. Security firm SentinelOne has dubbed the group TunnelVision. The name is meant to emphasize TunnelVision’s heavy reliance on… Read More: VMware Horizon servers are under active exploit by Iranian state… »

Patch systems vulnerable to critical Log4j flaws, UK and US officials warn

Getty Images reader comments 18 with 17 posters participating Share this story Criminals are actively exploiting the high-severity Log4Shell vulnerability on servers running VMware Horizon in an attempt to install malware that allows them to gain full control of affected systems, the UK’s publicly funded healthcare system is warning. CVE-2021-44228 is one of the most… Read More: Patch systems vulnerable to critical Log4j flaws, UK and US… »

As Log4Shell wreaks havoc, payroll service reports ransomware attack

Getty Images reader comments 135 with 93 posters participating Share this story As the world is beset by Log4Shell, arguably the most severe vulnerability ever, one of the biggest human resources solutions providers is reporting a ransomware attack that has taken its systems offline, possibly for the next several weeks. So far, the company isn’t… Read More: As Log4Shell wreaks havoc, payroll service reports ransomware attack »

The Log4Shell zeroday 4 days on. What is it and how bad is it really?

reader comments 27 with 24 posters participating Share this story Log4Shell is the name given to a critical zeroday vulnerability that surfaced on Thursday when it was exploited in the wild in remote-code compromises against Minecraft servers. The source of the vulnerability was Log4J, a logging utility used by thousands if not millions of apps,… Read More: The Log4Shell zeroday 4 days on. What is it and… »

The Internet’s biggest players are all affected by critical Log4Shell 0-day

reader comments 67 with 51 posters participating, including story author Share this story The list of services with Internet-facing infrastructure that is vulnerable to a critical zero-day vulnerability in the open source Log4j logging utility is immense and reads like a who’s who of the biggest names on the Internet, including Apple, Amazon, Cloudflare, Steam,… Read More: The Internet’s biggest players are all affected by critical Log4Shell… »