An Iranian APT is actively targeting unpatched VMWare Horizon systems to exploit Log4j vulnerabilities. The APT is destructive and these attacks often lead to full Ransomware deployment in the victim’s environment.
See the full Sentinel One synopsis here:
Phishing Campaign Abuses Event Invitations to Target U.S. Firms Article Link: https://cyberpress.org/fake-invites-target-firms/ PyPI Package With 1.1M Monthly Downloads Hacked to Push Infostealer Article Link: https://www.bleepingcomputer.com/news/security/pypi-package-with-11m-monthly-downloads-hacked-to-push-infostealer/
Microsoft Releases Emergency Patches for Critical ASP.NET Flaw Article Link: https://www.bleepingcomputer.com/news/microsoft/microsoft-releases-emergency-security-updates-for-critical-aspnet-flaw/ Vercel Confirms Security Breach After Customer Accounts Were Compromised Article Link: https://cyberpress.org/vercel-confirms-security-breach-after-customer-accounts-were-compromised/ ‘Zealot’ Shows
