Threat Actors Exploiting Log4j vulnerabilities propagated via SolarWinds Serv-U software

The cybersecurity researchers at Microsoft have recently identified a security flaw in SolarWinds Serv-U software that is exploited by the hackers to execute Log4j attacks to compromise the network of their victims. While monitoring attacks using Log4j, the Microsoft expert, Jonathan Bar discovered this vulnerability which is tracked as “CVE-2021-35247.” However, SolarWinds has already fixed […]

Continue Reading

Hackers Targeting Log4j Flaws in VMware Horizon – NHS

In VMware Horizon servers to establish web shells, the threat actors are actively targeting and exploiting the Log4Shell vulnerabilities.  The UK’s National Health Service (NHS) has warned about a Log4Shell exploit that is actively targeting the vulnerability that is tracked as “CVE-2021-44228,” it’s a critical arbitrary remote code execution flaw in the Apache Log4j 2.14. […]

Continue Reading

Critical SSRF Bug in VMware Workspace ONE UEM Console Let Attacker Steal Sensitive Data

A critical SSRF vulnerability has been detected recently in the VMware Workspace ONE UEM console, that could be exploited by the threat actors to steal sensitive data and information. For over-the-air remote management of the following devices is done via Workspace ONE Unified Endpoint Management since it’s a VMware solution:- Desktops Mobile Rugged Wearables IoT […]

Continue Reading