UK’s NHS warns of cyber threats using Log4Shell vulnerability in VMware servers
A report by the United Kingdom’s National Health Service is warning of threats leveraging Log4Shell vulnerability in VMware Horizon servers by an unknown cyber actor. The NHS said the attacks are designed to establish persistence with affective networks, likely as part of a reconnaissance phase. In doing so, the attackers use the Java Naming and Directory Interface via Log4Shell payloads to call back to malicious infrastructure. Once weaknesses are identified, the attack uses the Lightweight Directory Access Protocol to retrieve and execute a malicious Java class file that injects a web shell into the VM Blast Secure Gateway service.
Related News Articles
Headline
The Health Sector Coordinating Council Cyber Working Group and Health-ISAC (Information Sharing and Analysis Center) will host a joint cybersecurity event July…
Headline
Stryker, a medical technology company that provides services and products for hospitals, was disrupted globally by a cyberattack, the company announced March…
Headline
The White House issued an executive order March 6 to combat cybercrimes by threat groups. The order highlights how such groups can receive willing or…
Headline
The Administration for Strategic Preparedness and Response has released a new cybersecurity module for organizations to conduct risk assessments. The free…
Perspective
As the world has learned in recent years, today’s conflicts are fought with many weapons, and cyber warfare is an integral part of the arsenal.As of this…
Headline
The FBI is reminding critical infrastructure organizations to implement mitigations from a June 2025 fact sheet on potential actions by Iranian-affiliated…