Ransomware: Hackers are using Log4j flaw as part of their attacks, warns Microsoft

China-based cyber criminals are exploiting the Log4j ‘Log4Shell’ flaw in VMware’s Horizon product to install the NightSky ransomware, warns Microsoft. The attacks target internet-facing software, systems and devices running vulnerable versions of the Java-based Log4j library, which is affected by a critical vulnerability first disclosed on December 9. The ransomware operator, known as DEV-0401, has previously exploited systems running Confluence and Exchange servers. Microsoft has underscored that Log4j presents a “high-risk situation” and suggests using scripts and scanning tools to assess potential risk and impact.