Wave of Log4j-linked attacks targeting VMware Horizon

Sophos analysts have discovered a wave of cyber attacks exploiting the Log4Shell vulnerability in the Apache Log4j Java logging component, primarily targeting VMware Horizon servers. The attackers use initial access brokers to deliver backdoors and profiling scripts, creating future opportunities for ransomware attacks. Sophos has advised upgrading all devices and applications that include Log4J and maintaining defence in depth to prevent such infiltrations.