CISA Releases Log4Shell-Related MAR
From May through June 2022, CISA responded to an organization that was compromised by an exploitation of an unpatched and unmitigated Log4Shell vulnerability in a VMware Horizon server. CISA analyzed five malware samples obtained from the organization’s network and released a Malware Analysis Report of the findings.
Users and administrators are encouraged to review MAR 10386789-1.v1 for more information. For more information on Log4Shell, see:
- Joint Cybersecurity Advisory (CSA) Malicious Cyber Actors Continue to Exploit Log4Shell in VMware Horizon Systems,
- CISA’s Apache Log4j Vulnerability Guidance webpage,
- Joint CSA Mitigating Log4Shell and Other Log4j-Related Vulnerabilities, and
- CISA’s database of known vulnerable services on the CISA GitHub page.
A considerable amount of time and effort goes into maintaining this website, creating backend automation and creating new features and content for you to make actionable intelligence decisions. Everyone that supports the site helps enable new functionality.
If you like the site, please support us on Patreon using the button below
To keep up to date follow us on the below channels.