The malware can also function as a proxy, allowing a remote operator to pivot to other systems." These C2 capabilities include the ability to remotely monitor a system's desktop, gain reverse shell access, exfiltrate data, and upload and execute additional payloads. This embedded executable is a Remote Access Tool (RAT) that provides a vast array of Command and Control (C2) capabilities. This week's new malware analysis report that provides additional IOCs describes a submitted malware file: "This file is a malicious loader that contains an embedded executable. The FTC explains it here.Īfter it hit VMware and other organizations hard last December, VMware provided fixes and issued an "IMPORTANT" message to users of its Horizon virtual desktop offering, warning them to patch for critical Log4Shell vulnerabilities.
Log4j is an open source Java logging library widely used in multiple applications that's currently under a long-lasting and widespread attack because of a security vulnerability called "Log4Shell" ( CVE-2021-44228) that can enable remote code execution. It adds information to the June 23 alert titled " Malicious Cyber Actors Continue to Exploit Log4Shell in VMware Horizon Systems," reporting on Log4Shell vulnerabilities that began to surface late last year.
0 kommentar(er)
