CISA Issues New Log4Shell Risk Warning, Saying ALL VMWare Systems Unpatched Since 2021 as Compromised

By

CISA issues a new Log4Shell risk warning since the cybersecurity agency believes many VMWare systems are still vulnerable to this flaw.

CISA Issues New Log4Shell Risk Warning—Saying ALL VMWare Systems Unpatched Since 2021 as Compromised
A participant uses a laptop computer as he takes part in the Seccon 2016 final competition on January 28, 2017 in Tokyo, Japan. 24 teams from Japan, the US, China, Taiwan, South Korea, Russia, Poland, Switzerland and France competed their skills for cyber securities at the final round of the international cyber security contest in Tokyo. Photo by Tomohiro Ohsumi/Getty Images

Log4Shell (CVE-2021-44228 Apache Log4j vulnerability) is still dangerous, as stated by the U.S. Cybersecurity and Infrastructure Security Agency in its announcement.

The cybersecurity agency explained that VMWare Horizon and Unified Access Gateway (UAG) servers can still be breached by hackers using the Log4Shell vulnerability.

CISA Issues New Log4Shell Risk Warning

According to ComputerWeekly.Com's latest report, CISA issued its latest cybersecurity warning on Thursday, June 23.

CISA Issues New Log4Shell Risk Warning—Saying ALL VMWare Systems Unpatched Since 2021 as Compromised
A picture taken on October 17, 2016 shows an employee walking behind a glass wall with machine coding symbols at the headquarters of Internet security giant Kaspersky in Moscow. The US government banned the use of Kaspersky security software in federal offices on September 13, 2017, saying the Russian company has risky ties to Russian intelligence that threaten US national security. Photo credit should read KIRILL KUDRYAVTSEV/AFP via Getty Images

The U.S. cybersecurity agency claimed that the VMWare systems that may still be affected by the Log4Shell flaw are those that were left unpatched ever since the vulnerability was exploited in December 2021.

CISA explained that cybercriminals could use this Log4j flaw to acquire initial access to organizations' VMWare systems.

Officials added that multiple groups had tried using the Log4Shell vulnerability to exploit their loader malware.

Those who were successful can gain remote command and control over various organizations' VMWare systems.

"If updates or workarounds were not promptly applied following VMware's release of updates for Log4Shell in December 2021, treat all affected VMware systems as compromised," warned CISA via its official alert post.

What CISA Suggests

CISA, as well as CGCYBER (Coast Guard Cyber Command), suggested that companies with unpatched VMWare systems need to apply the needed security updates to prevent the Log4Shell vulnerability.

They said that this needs to be done as soon as possible. But, if organizations detect potential breaches, they must apply the incident response recommendations, such as the following:

  • Collecting and reviewing relevant logs, data, and artifacts.
  • Reporting incidents to CISA via CISA's 24/7 Operations Center (report@cisa.gov or 888-282-0870).
  • Immediately isolating affected systems.

Meanwhile, experts warned Android users about BRATA malware being upgraded by hackers.

Recently, CISA and the FBI issued a ransomware holiday warning back in 2021.

For more news updates about the Log4Shell and other system vulnerabilities, always keep your tabs open here at TechTimes.

This article is owned by TechTimes

Written by: Griffin Davis

ⓒ 2024 TECHTIMES.com All rights reserved. Do not reproduce without permission.
Tags:CISAVMware
Join the Discussion
Most Popular
Real Time Analytics