Chinese hackers exploit Log4j to target VMware Horizon servers

Deep Panda, an advanced persistent threat group, has launched new attacks using Log4Shell to deploy the new Fire Chili rootkit. Also known as Shell Crew, KungFu Kittens, and Bronze Firestone, Deep Panda has been one of China’s most infamous nation-state threat actors.

A recent report by researchers Rotem Sde-Or and Eliran Voronovitch stated that the group has mainly attacked organizations in the financial, academic, cosmetics, and travel industries. The report also noted Deep Panda’s recent attack on VMware Horizon servers, carried out by exploiting Log4Shell, a critical flaw in the Apache Log4j Java logging library (CVE-2021-44228, CVSS 10.0) that results in the embedding of a backdoor named Milestone (1.dll).

Additionally, a rootkit named ‘Fire Chili’ was deployed alongside Milestone; it uses a stolen digital certificate to enable covert attacks and sign malicious tools. This ensures that the targeted device does not operate in safe mode.
