Researchers at Lacework have revealed that the Log4Shell vulnerability was exploited as an initial attack vector in 31% of cases monitored by the company over the past six months.

The software vendor’s latest Lacework Cloud Threat Report highlights typical risks in today’s digital landscape. The findings confirm what security experts suspected, that the Log4j bug was used extensively by threat actors since its emergence in December last year.

“Over time, we watched scanning activity evolve into more frequent attacks, including some that deployed crypto-miners and Distributed Denial of Service (DDoS) bots to affected systems,” Lacework explained.

The post A third of malware infections use Log4Shell appeared first on IT Security Guru.

source

You May Also Like

76% of UK healthcare organisations want government to ban ransomware payments

A new study from Obrela Security Industries has revealed that 76 percent…

TLStorm: Armis finds Three Critical Zero-Days in APC Smart-UPS devices that could impact over 7 in 10 organisations worldwide

  Armis, unified asset visibility and security company, announced the discovery of…

Protecting your APIs from Attacks and Data Breaches

Many organisations are working to modernise their existing applications and integrate secure…

New attack method could disrupt electric vehicle charging

Academics from the University of Oxford and Armasuisse S+T have identified a…