<span id="hs_cos_wrapper_post_body" class="hs_cos_wrapper hs_cos_wrapper_meta_field hs_cos_wrapper_type_rich_text" style="" data-hs-cos-general-type="meta_field" data-hs-cos-type="rich_text" ><p style="direction: ltr;">Although VMware already released a patch for its Horizon Servers in December, many users have not yet updated their systems - at the risk of a Log4j exploit attack. Recently, an initial access broker group dubbed Prophet Spider has been spotted abusing the Log4j vulnerability to gain access to victim networks. But that's not all, Log4j continues to be seen as the main vulnerability abused in malware infections, crypto mining and more. <span>The UK's National Health Service (NHS) warned last month </span><span>that hackers were attempting to exploit a Log4J vulnerability in VMware Horizon servers to establish web shells, allowing attackers to distribute malware and ransomware, steal sensitive information, and complete other malicious attacks.</span></p> <!--more--><p style="direction: ltr;">&nbsp;</p> <h3 style="direction: ltr;"><span>Patch your servers</span></h3> <p><span>As stated by a VMware spokesperson, VMware Horizon products remain vulnerable to critical Apache Log4j/Log4Shell vulnerabilities unless properly patched or mitigated using the patch VMSA 2021-0028, which was first published on Dec. 10, 2021. The patch, published on the VMware security advisory, is updated regularly with new information.</span></p> <h3>&nbsp;</h3> <h3><span>Block Log4j Attacks</span></h3> <div> <p>At ThreatSTOP, we are fully committed to creating the absolute best protection for our users. We block threats from the most basic to the most advanced, solidly protecting our users' networks - both ways. Whether an attacker is trying to penetrate the network from the outside, or call home from inside a compromised network, the ThreatSTOP platform blocks their traffic both on the IP and domain level.</p> <p>In addition to our 900+ threat intelligence feeds, <span style="font-weight: bold;">we have added a new Log4j ThreatSTOP-curated feed with the latest indicators of compromise (IOC) to ensure two-way protection from attacks using these vulnerabilities.</span></p> <p>&nbsp;</p> <p><em><span style="font-weight: bold;">If you are a ThreatSTOP customer, add the Log4j IP and domain targets&nbsp;to your policy</span> to get instant protection from this threat.</em></p> <p><em><span style="font-weight: bold;">Not a ThreatSTOP user and want to try us out?&nbsp;Grab a demo</span> to see the quick, immensely positive impact on your network security.</em></p> <p><span style="background-color: transparent; font-size: 1em;"></span></p> </div></span>