Log4Shell Zero-Day Exploit

LMG Security | 12/13/2021

Criminals are actively leveraging a new zero-day exploit, known as Log4Shell, to break into systems at organizations of all sizes, as well as cloud providers. Due to the wide range of applications that may be exploited and the large number of potential delivery mechanisms, Log4Shell is a high severity threat. This vulnerability (tracked as CVE-2021-44228) affects the Apache Log4j 2 Java-based logging library, which is widely-used in on-premises software, cloud services, and web applications. Due to the wide range of affected application.

What you need to do:

To read more, please log in

This site is operated by NetDiligence®. Links found within this site may open a new browser window and take you outside the Sompo International's Cyber Risk Portal to another website, the contents of which are maintained by third parties over whom NetDiligence and Sompo International have no control. We provide links to these external sites for your convenience and awareness. We accept no responsibility for the content of linked sites. Upon request of the content source, we will remove links.

Learning Center Article

Log4Shell Zero-Day Exploit

Related Content

Attack Surface Monitoring - Log4j

Kaseya - Security Advisory

Log4Shell Compromise Assessment

Microsoft Exchange Advisory Checklist

PYSA Ransomware Targeting Education Institutions

Microsoft Emergency Exchange Server Patching

Cyber Response Services Security Advisory - SolarWinds Orion

CISA Cyber Alert - SolarWinds Breach

Featured

Deploying AI Systems Securely

Top Security Controls of 2024

Q1 2024 Data Breach Analysis

Secure by Design Alert Eliminating SQL Injection Vulnerabilities in Software

Deep Fakes Causing Real Harms: Time to Take Action

Key Incident Response Procedures Every IT Managed Service Provider Must Master

2023 BEC Spotlight Report

Russian FSB cyber actor Star Blizzard continues worldwide spear-phishing campaigns.