Log4j Vulnerability Used to Exploit VMware Horizon Server at Eastern US Wastewater Utility

A recent I&A Network Defender Bulletin describes a ransomware incident at an Eastern U.S. wastewater facility. The threat actors leveraged the Log4j vulnerability to access the facility’s networks by exploiting unpatched VMware Horizon servers. The actors then changed the VMware host passwords, rendering the facility’s main backup and secondary backup servers inaccessible. FOR U.S. MEMBERS.