Threat actors used a newer variant of AvosLocker previously discovered earlier this year, which targets Linux environments in addition to Windows machines the attack coupled with these recent changes demonstrate how AvosLocker is "likely to proliferate in the future," said Cisco Talos researchers in a Tuesday analysis. The attacker first exploited the series of Apache vulnerabilities related to Log4j (CVE-2021-44228, CVE-2021-45046, CVE-2021-45105 and CVE-2021-44832) that can potentially allow for remote code execution on vulnerable Unified Access Gateways via a low-privilege non-root user (‘gateway’).
The month-long ransomware attack, which impacted an unnamed company, targeted instances of the VMware Horizon Unified Access Gateway that were vulnerable to the Log4j flaw. Researchers have disclosed details on a ransomware attack that targeted the well-known Log4j flaw in order to deploy AvosLocker.
0 kommentar(er)
