Log4j stories

Arctic Wolf, a global specialist in security operations, has published its annual Arctic Wolf Labs Threat Report, revealing a year of turbulence.

Ransomware threats remain at peak levels with no evidence of slowing down globally with new variants enabled by Ransomware-as-a-Service (RaaS).

The Secureworks Counter Threat Unit (CTU) has uncovered a subgroup of Iranian Cobalt Mirage using GitHub to store and deploy malware.

In the wake of the attack on private health assurance firm Medibank, Australia’s cybersecurity minister Clare O’Neil warned of a new world “under relentless cyber-attack”.

The data highlights legacy vulnerability remediation challenges, which are the root cause of the majority of data breaches.  

The Log4Shell vulnerability that hit countless servers across the globe would need urgent remediation, so the experts had their leave frozen and returned to find where to place the band aid.

"While it’s not a surprise given increased attack opportunities like remote work, it’s still a worrying development and one we cannot ignore."

Companies are adopting cloud-native technologies faster than ever before. Unfortunately, with new technology comes new threats and challenges.

Attackers are using the Log4Shell vulnerability to deliver backdoors and profiling scripts to unpatched VMware Horizon servers.

As world governments issue warnings over the increasing cyber crime threat, the report's findings highlight common threats businesses should protect against.

Log4Shell attacks prove a continued and complex threat to APAC businesses, according to security company Barracuda.

The quantity of cyber attacks targeting the Log4Shell complex of vulnerabilities in Log4j still remains extremely high, according to Barracuda Networks. 

"This latest vulnerability disclosure highlights the challenges many global security teams have in mitigating risk."

Last year's Apache Log4j vulnerability created a lot of chaos, so what can be done to protect companies from the security implications?

A new remote code execution bug could be making businesses in Asia Pacific vulnerable to Log4Shell log injection attacks.

"Last year, we saw a staggering 50% more cyberattacks per week on corporate networks compared to 2020 – that’s a significant increase."

Its effects will be felt far into 2022 and beyond, according to Imperva Research Labs.

"This rapid iteration of fixes has left software developers and organisations worldwide scrambling to assess and mitigate their exposure with nearly daily-changing guidance."