Log4J: BlackBerry finds Prophet Spider access broker exploiting VMware Horizon

From zdnet.com

Initial access broker group, Prophet Spider, has been found exploiting the Log4J vulnerability in VMware Horizon, according to a new report from researchers with BlackBerry Research & Intelligence and Incident Response teams.

Even though VMware released a patch in December and has published extensive guidance on how to mitigate the issue, many implementations remain unpatched.

Read more…