
Chinese hackers exploit Log4j to target VMware Horizon servers

Deep Panda, an advanced persistent threat group, has launched new attacks using Log4Shell to deploy the new Fire Chili rootkit. Also known as Shell Crew, KungFu Kittens, and Bronze Firestone, Deep Panda has been one of China’s most infamous nation-state threat actors.

A recently published report by researchers Rotem Sde-Or and Eliran Voronovitch states that the group has mainly attacked organizations in the financial, academic, cosmetics, and travel industries. The report also describes Deep Panda’s recent attack on VMware Horizon servers, carried out by exploiting Log4Shell, a critical flaw in the Apache Log4j Java logging library (CVE-2021-44228, CVSS 10.0), which results in the embedding of a backdoor named Milestone (1.dll).

Additionally, a rootkit named ‘Fire Chili’ was deployed alongside Milestone. It is signed with a stolen digital certificate to enable covert attacks and sign off on malicious tools. This ensures that the targeted device does not operate in safe mode.
