Advertisement
Top
image credit: Adobe Stock

Log4Shell exploitation: Which applications may be targeted next?

April 5, 2022

Via: Help Net Security
Category:

Spring4Shell (CVE-2022-22965) has dominated the information security news these last six days, but Log4Shell (CVE-2021-44228) continues to demand attention and action from enterprise defenders as diverse vulnerable applications are being targeted in attacks in the wild.

Attackers in the wild exploiting Log4Shell

Log4Shell is widespread because Apache Log4j – the logging library that it affects – is widely used. While its exploitability depends on the Java version, the Log4j version (only Log4j v2 is vulnerable) and how it’s used, the vulnerability is easily triggered with the right exploit.

Read More on Help Net Security

RELATED PUBLICATIONS

AI set to play key role in future phishing attacks
U.S. Gov imposed Visa restrictions on 13 individuals linked to commercial spyware activity
Report: Russian Hackers Targeting Ukrainian Soldiers on Apps

Latest Publications

Google fixed critical Chrome vulnerability CVE-2024-4058
North Korean Hackers Hijack Antivirus Updates for Malware Delivery
AI set to play key role in future phishing attacks
Security Curated Copyright © 2024. All rights reserved
Go to ITCurated!