Recently, there have been several attacks observed actively exploiting the Log4Shell vulnerability. Addressing the same, several security agencies continue to warn about cybercriminals who continue to exploit the Log4j vulnerability in their attacks.
Series of warnings
In the past few weeks, multiple security agencies issued warnings about attackers attempting to exploit vulnerabilities in Log4j.
SolarWinds fixed a flaw in a file-sharing software, Serv-U, when attackers abused the flaw to gain login access.
The National Health Service had warned that an unknown threat group is trying to exploit the Log4j vulnerability that exists inside the VMware Horizon servers.
At the same time, researchers spotted that cybercriminals were found attempting to abuse the Log4Shell flaw for delivery of a new Khonsari ransomware on Windows systems.
The Log4Shell vulnerability has become a menace and poses a huge challenge to the security community. Several security agencies and services are continuously providing help to mitigate the threat. For example, the U.K NCSC has shared more information by using its website and GitHub repository. Following these could be of great help in avoiding this dreadful threat.