The Log4Shell vulnerability is still causing major problems, and CISA’s director is terrified.
An unnamed Iranian state-sponsored hacking group managed to compromise the endpoints belonging to an American Federal Civilian Executive Branch (FCEB) organization, and used its access to deploy a cryptocurrency miner.
The Cybersecurity and Infrastructure Agency (CISA) published (opens in new tab) the findings earlier this week. As per its report, CISA was brought in, in mid-June, to investigate suspicions of advanced persistent threat (APT) activity.
Following a month-long investigation that ended in July 2022, the agency concluded that an Iranian state-sponsored threat actor managed to compromise an unpatched VMware Horizon server by leveraging the infamous log4j vulnerability, Log4Shell.
