Experts Predict Log4j Exploits to Continue Into Future

Share post:

Cybersecurity experts predict that a remote code execution vulnerability discovered in Log4j, which is currently being exploited by attackers, will persist for as long as possible. According to experts, due to its ubiquity and simplicity of exploitation, the problem will continue for months, if not years.

Sophos senior threat researcher Sean Gallagher explained that the attacks exploited the vulnerability to install coin miners and botnet. He explained, “The most recent intelligence suggests attackers are trying to exploit the vulnerability to expose the keys used by Amazon Web Service accounts. There are also signs of attackers trying to exploit the vulnerability to install remote access tools in victim networks, possibly Cobalt Strike, a key tool in many ransomware attacks.”

Other security experts also pointed out that hackers began exploiting the vulnerability almost immediately after their discovery. Chris Evans, CISO at HackerOne, said that they had received 692 reports of Log4j to 249 customer programs. Companies that had confirmed that they were vulnerable included Apple, Amazon, Twitter and Cloudflare.

For more information read the original story in ZDNet.

SUBSCRIBE NOW

Related articles

FBI’s Operation Level Up Ends Cyber Scams and Saves Millions of Dollars and Lives

We should send a love note out to The Federal Bureau of Investigation (FBI) who launched Operation Level...

DOGE’s Teen Hacker Stirs Concern Over Musk Team’s Access to Federal Databases

A 19-year-old named Edward “Big Balls” Coristine has raised red flags after Wired revealed he holds a key...

Deep Seek and Open Source AI – Without the Hype: Discussion with Robert Falzon, Head of Engineering, Check Point

DeepSeek AI is shaking up the cybersecurity world—are we prepared for the risks? Join host Jim Love and...

Researchers Jailbreak DeepSeek AI, Expose System Prompt and Raise Security Concerns

Security researchers at Wallarm have successfully jailbroken DeepSeek, a recently released open-source AI model from China. The jailbreak...

Become a member

New, Relevant Tech Stories. Our article selection is done by industry professionals. Our writers summarize them to give you the key takeaways