CISA Alert AA22-174A – Malicious cyber actors continue to exploit Log4Shell in VMware Horizon systems. [CISA Cybersecurity Alerts]

CISA and the US Coast Guard Cyber Command are releasing this joint Cybersecurity Advisory to warn network defenders that cyber threat actors, including state-sponsored APT actors, have continued to exploit CVE-2021-44228 (Log4Shell) in VMware Horizon and Unified Access Gateway servers to obtain initial access to organizations that did not apply available patches or workarounds.
AA22-174A Alert, Technical Details, and Mitigations
Malware Analysis Report 10382254-1 stix
Malware Analysis Report 10382580-1 stix
CISA’s Apache Log4j Vulnerability Guidance webpage
Joint CSA Mitigating Log4Shell …

access advisory alert alerts apt cisa cisa alert coast guard command continue cve cve-2021-44228 cyber cyber command cybersecurity cybersecurity advisory cyber threat cyber threat actors defenders exploit gateway guard horizon log4shell malicious network network defenders servers sponsored state systems threat threat actors vmware vmware horizon