Avos Ransomware Group Expands Attack Arsenal to VMware Horizon Access Gateways
The initial ingress point was a pair of VMWare Horizon Unified Access Gateways that were vulnerable to Log4Shell. The attackers utilized several different tools, including Cobalt Strike, Sliver, and multiple commercial network scanners.