![]() In fact, VMware Horizon is “quite possibly” the most widely used product with both Log4j and a strong potential for being internet-facing, said Jon Gaines, senior application security consultant at nVisium. Horizon software and the hardware required to run it are not cheap, meaning that “the companies using it are typically well-funded and attractive targets,” Astle said.Įven so, VMware Horizon enjoys wide usage among enterprises - another attractive element for attackers, executives said. The fact that a company is running VMware Horizon in the first place is also a sign that it might be a worthwhile target for an attacker, he said. ![]() ![]() “While connecting Horizon access gateways to the internet enabled remote work, it may have unintentionally increased the overall exposure to this vulnerability,” Astle said in an email. This enabled remote workers to leverage all of their corporate resources directly through their web browser. Remote accessĭuring the transition to remote work during the pandemic, many companies exposed their VMware Horizon access gateways to the internet, according to Jimmy Astle, senior director of detection enablement at Red Canary. Combined with other reports, this suggests VMware Horizon “is a top choice for adversaries to narrow their Log4j targeting,” the Red Canary researchers said.Ĭybersecurity executives told VentureBeat this week that VMware Horizon has been targeted so heavily for a combination of reasons - though the attackers have likely also benefitted from lax security practices around the use of the platform. Starting in late December, Red Canary researchers observed a notable increase in threat actor exploits of vulnerable VMware Horizon servers. Also in a report this week, Red Canary said it has observed activity by Prophet Spider related to a Log4j exploit of Horizon. The most recent reports came this week, with BlackBerry researchers disclosing they have correlated attacks by an initial access broker group - known as “Prophet Spider” - with an exploit of the Log4j flaw in a VMware Horizon environment.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |