image credit: adobe stock
System administrators who haven’t yet patched the Log4Shell vulnerability could get a rude awakening in the form of state-sponsored hacking, warns the U.S. government.
A joint advisory from the Cybersecurity and Infrastructure Security Agency and the Coast Guard Cyber Command says advanced persistent threat actors are using the exploit to hack into unpatched VMWare virtual desktop software.
Security researchers set off a firestorm late last year when they discovered a zero-day vulnerability in a popular open-source Java data-logging framework present in hundreds of millions of devices.
Comments are closed.
