Researchers at Lacework have revealed that the Log4Shell vulnerability was exploited as an initial attack vector in 31% of cases monitored by the company over the past six months.
The software vendor’s latest Lacework Cloud Threat Report highlights typical risks in today’s digital landscape. The findings confirm what security experts suspected, that the Log4j bug was used extensively by threat actors since its emergence in December last year.
“Over time, we watched scanning activity evolve into more frequent attacks, including some that deployed crypto-miners and Distributed Denial of Service (DDoS) bots to affected systems,” Lacework explained.