The gift that keeps on giving: A new opportunistic Log4j campaign
In this post, we analyze a new opportunistic exploitation campaign based on the Log4j vulnerability.
Log4j Exploited by XMRig Cryptominer Malware: Analysis & Mitigation
Learn how the Log4j vulnerability (CVE-2021-44228) is exploited by XMRig cryptominer malware. Discover attack methods, indicators, and effective mitigation strategies.
One in four apps remain exposed to Log4Shell
Two years after the Log4Shell vulnerability in the open source Java-based Log4j logging utility was disclosed, circa one in four applications are dependent on outdated libraries, leaving them open to exploitation. Research from security shop Veracode revealed that the vast majority of vulnerable apps may never have updated the Log4j library after it was implemented by developers as 32 percent were running pre-2015 EOL versions.