Chinese hackers exploit Log4j to target VMware Horizon servers

Deep Panda, the advanced persistent threat group, has launched new attacks using Log4Shell to deploy the new Fire Chili rootkit. Also known as Shell Crew, KungFu Kittens, and Bronze Firestone, Deep Panda has been one of China’s most infamous nation-state threat actors.

Recently, a report published by researchers Rotem Sde-Or and Eliran Voronovitch stated that the group has mainly attacked organizations belonging to the financial, academic, cosmetics, and travel industries. The report also noted Deep Panda’s recent attack on VMware Horizon servers, which is carried out by exploiting Log4Shell, a critical flaw in the Apache Log4j Java logging library (CVE-2021-44228, CVSS 10.0), and results in the embedding of a backdoor named Milestone (1.dll).

Additionally, a rootkit named ‘Fire Chili’ was deployed alongside Milestone; it uses a stolen digital certificate to enable covert attacks and sign off on malicious tools. This ensures that the targeted device does not operate in safe mode.