Log4j-Log4Shell: Attackers use vulnerability for permanent server access
SophosLabs researchers discovered three backdoors and four cryptominers targeting unpatched VMware Horizon servers to gain persistent access. Sophos is today releasing its latest research on the Log4j Log4Shell vulnerability. Attackers use these to embed backdoors and script unpatched VMware Horizon Servers. This gives them persistent access to VMware Horizon Server for future ransomware attacks. In the detailed report Horde of Miner Bots and Backdoors Leveraged Log4J to Attack VMware Horizon Servers, Sophos researchers describe the tools and techniques used to compromise servers, as well as three different backdoors and…