Subscribe

Conti Exploits The Log4J Flaw To Attack Vulnerable Servers

December 23, 2021

In a recent report published by Advintel, the company revealed that the Log4J vulnerability has since been used by the Conti ransomware group ever since it was identified.

The group exploited the Log4Shell vulnerability to target VMware vCenter servers, allowing the attackers to gain access to the server and then gain the ability to move laterally across the targeted company’s network.

Although they have already gained initial access to the corporate network, exploiting the flaw, therefore, allows them to move laterally inside the compromised network.

While VMware has already provided instructions on how to fix the vulnerability in vCenter servers and vCenter Cloud Gateways, there are other ways attackers can compromise the vulnerability by simply exploiting it.

Attackers could instead exploit the Log4Shell vulnerability as software.

To better protect against the flaw, companies are advised to follow certain procedures, including updating all systems and software, conducting security audits, performing regular backups, and reducing the attack surface by disabling unnecessary protocols or systems.

Others include enabling double-factor authentication, limiting user privileges, using intrusion prevention systems and, finally, implementing security awareness programs.

For more information, read the original story in TechRepublic.

Top Stories

Alberta voter data leak exposes millions through political list misuse

Google Gemini now creates downloadable files directly in app

Accenture expands Copilot rollout to 743,000 staff 

Google signs Pentagon AI deal despite internal employee opposition

OpenAI reportedly building AI agent phone to replace app-driven interfaces

China blocks Meta’s $2B AI acquisition, orders deal unwind

Related Articles

Alberta voter data leak exposes millions through political list misuse

May 1, 2026 More than three million Alberta voter records have been exposed after data from Elections Alberta was allegedly more...

Indeed integrates job search into ChatGPT with new in-app experience

May 1, 2026 Indeed has expanded its partnership with OpenAI to integrate job search directly into ChatGPT, allowing users to more...

Chinese court blocks companies from firing workers to replace them with AI

May 1, 2026 Chinese courts have ruled that companies cannot legally dismiss employees simply to replace them with cost-saving artificial more...

Google Gemini now creates downloadable files directly in app

May 1, 2026 Google has updated its Gemini to generate downloadable files directly within the app, allowing users to create more...

Picture of TND News Desk

TND News Desk

Staff writer for Tech Newsday.
Picture of TND News Desk

TND News Desk

Staff writer for Tech Newsday.

Jim Love

Jim is an author and podcast host with over 40 years in technology.

Share:
Facebook
Twitter
LinkedIn
Tech News Day is a daily publication featuring key news stories about technology and how it affects businesses.

Follow Us

X-twitter Linkedin-in

Popular categories

Tech News Delivered

New, Relevant Tech Stories. Our selection is done by industry professionals – executives like you who pick the top stories for that day. Our writers summarize them to give you the key takeaways.
Subscribe
© 2025 TECHNEWSDAY. All rights reserved.