A list of all affected applications would undoubtedly run to many thousands more. A list of affected software compiled by the Cybersecurity and Infrastructure Security Agency (CISA) - and restricted to only enterprise software platforms - runs to more than 500 items long at time of press. What is known for sure is that the scope of the vulnerability is huge. ![]() But concrete news on exploitation in the wild remains scarce, likely because victims either don’t know or don’t yet want to acknowledge publicly that their systems have been breached. The CEO of Cloudflare, a website and network security provider, announced early on that the threat was so bad the company would roll out firewall protection to all customers, including those who had not paid for it. One cybersecurity firm reported that nearly half of corporate networks it was monitoring had seen attempts to exploit the vulnerability. ![]() So far, researchers have observed attackers using the Log4j vulnerability to install ransomware on honeypot servers - machines that are made deliberately vulnerable for the purpose of tracking new threats. “As soon as I saw how you could exploit it, it was horrifying”
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |