Chuyển sang chế độ ngoại tuyến với ứng dụng Player FM !
Update 1 to CISA Alert AA22-174A – Malicious cyber actors continue to exploit Log4Shell in VMware Horizon systems.
Manage episode 354338038 series 3444271
CISA and the US Coast Guard Cyber Command are releasing this joint Cybersecurity Advisory to warn network defenders that cyber threat actors, including state-sponsored APT actors, have continued to exploit CVE-2021-44228 (Log4Shell) in VMware Horizon and Unified Access Gateway servers to obtain initial access to organizations that did not apply available patches or workarounds.
AA22-174A Alert, Technical Details, and Mitigations
(Update July 18, 2022) Malware Analysis Report 10382580-2 stix
Malware Analysis Report 10382254-1 stix
Malware Analysis Report 10382580-1 stix
CISA’s Apache Log4j Vulnerability Guidance webpage
Joint CSA Mitigating Log4Shell and Other Log4j-Related Vulnerabilities
CISA’s database of known vulnerable services on the CISA GitHub page
See National Security Agency (NSA) and Australian Signals Directorate (ASD) guidance Block and Defend Web Shell Malware for additional guidance on hardening internet-facing systems.
All organizations should report incidents and anomalous activity to CISA’s 24/7 Operations Center at central@cisa.dhs.gov or (888) 282-0870 and to the FBI via your local FBI field office or the FBI’s 24/7 CyWatch at (855) 292-3937 or CyWatch@fbi.gov.
52 tập
Manage episode 354338038 series 3444271
CISA and the US Coast Guard Cyber Command are releasing this joint Cybersecurity Advisory to warn network defenders that cyber threat actors, including state-sponsored APT actors, have continued to exploit CVE-2021-44228 (Log4Shell) in VMware Horizon and Unified Access Gateway servers to obtain initial access to organizations that did not apply available patches or workarounds.
AA22-174A Alert, Technical Details, and Mitigations
(Update July 18, 2022) Malware Analysis Report 10382580-2 stix
Malware Analysis Report 10382254-1 stix
Malware Analysis Report 10382580-1 stix
CISA’s Apache Log4j Vulnerability Guidance webpage
Joint CSA Mitigating Log4Shell and Other Log4j-Related Vulnerabilities
CISA’s database of known vulnerable services on the CISA GitHub page
See National Security Agency (NSA) and Australian Signals Directorate (ASD) guidance Block and Defend Web Shell Malware for additional guidance on hardening internet-facing systems.
All organizations should report incidents and anomalous activity to CISA’s 24/7 Operations Center at central@cisa.dhs.gov or (888) 282-0870 and to the FBI via your local FBI field office or the FBI’s 24/7 CyWatch at (855) 292-3937 or CyWatch@fbi.gov.
52 tập
Tất cả các tập
×Chào mừng bạn đến với Player FM!
Player FM đang quét trang web để tìm các podcast chất lượng cao cho bạn thưởng thức ngay bây giờ. Đây là ứng dụng podcast tốt nhất và hoạt động trên Android, iPhone và web. Đăng ký để đồng bộ các theo dõi trên tất cả thiết bị.