Kaspersky stopped more than 30,000 attempts to use the Log4Shell exploit in January

The critical remote code execution vulnerability in Apache’s Log4j utility continues to be a popular tactic for cybercriminals. Consider this yet another plea to patch your systems.

Cybersecurity company Kaspersky said it logged and blocked 30,562 attempts by hackers to use the Log4Shell exploit that was discovered in December 2021. While that marks a decline from when it was first reported, Kaspersky warns that it’s here to stay as a new tool in cyber criminals’ arsenals.

More about Security

Log4Shell is an exploit that targets Apache’s Log4j library, which is used to log requests for Java applications. If successful, an attacker that uses Log4Shell can gain total control over affected servers. Some big names have been found vulnerable, too: Apple, Twitter, Steam, and others were all found to have unpatched versions of Log4j on their servers when news of the exploit went public.

Log4Shell was dangerous enough to earn a 10 (out of 10) on the CVSS severity scale, and with good reason: Read more: https://tek.io/3AT1TFW

Leave a Reply

Your email address will not be published. Required fields are marked *