APT Actively targeting unpatched VMWare Horizon, exploiting Log4j

Oscar Minks
February 18, 2022

Share This Post

An Iranian APT is actively targeting unpatched VMWare Horizon systems to exploit Log4j vulnerabilities. The APT is destructive and these attacks often lead to full Ransomware deployment in the victim’s environment.

See the full Sentinel One synopsis here:

https://www.sentinelone.com/labs/log4j2-in-the-wild-iranian-aligned-threat-actor-tunnelvision-actively-exploiting-vmware-horizon/

Reach out to our incident response team for help

More To Explore

Bleeding Edge or Just Bleeding? CitrixBleed is Back

Citrix is back with vulnerability news no one wanted. CitrixBleed2 is affecting Citrix NetScaler ADC and Gateway devices between versions 14.1 and 47.46. Exploitation of

Brad Nigh July 7, 2025

Information Security News – 7/7/2025

The Top Red Teamer in the US Is an AI Bot Article Link: https://www.csoonline.com/article/4012801/the-top-red-teamer-in-the-us-is-an-ai-bot.html FDA Expands Premarket Medical Device Cyber Guidance Article Link: https://www.govinfosecurity.com/fda-expands-premarket-medical-device-cyber-guidance-a-28850 Malicious

Marcus Cylar July 7, 2025

APT Actively targeting unpatched VMWare Horizon, exploiting Log4j

Share This Post

More To Explore

Bleeding Edge or Just Bleeding? CitrixBleed is Back

Do You Want to Shore Up Your Defenses?

We're opening our first round of threat hunting engagements to 100 organizations. Sign up or join the wait list here.

Follow Us:

Privacy Policy

© 2025 FRSecure LLC