Log4Shell Is Taking More Victims With No End In Sight

A comprehensive patch has yet to be released for vCenter servers to date.

A growing number of IT security experts and government agencies across the world have pointed out that the Log4Shell vulnerability discovered in Apache's logger in December is one of the top attack vectors at the moment. Another report is coming from several countries where attackers have used ransomware viruses to target victims using products containing the vulnerability.

Based on the data gathered by the AdvIntel Cyber Defence Center, VMware vCenter servers are the most popular attack point; ransomware is often used to attack VMs (Virtual Machines). From the information we know, one of the dozens of companies using a vulnerable version of The Log4j API, VMWare, had more than 40 products potentially compromised during an attack.
The software provider has since released several updates, but a comprehensive patch has yet to be released for vCenter servers to date.

Log4Shell is an effective way to attack individuals who use vCenter servers and other network services. You will not be in safety until an internet connection is disabled and the system is fully patched.

Cyber security experts indicate that well-known Russian hacking groups have carried out hundreds of attacks on people, leaked their data to the dark web, and demanded exorbitant amounts of money in exchange.
Researchers say that ransomware attacks can be quite profitable since more than 30% of the victims are willing to pay the ransom.

This Log4Shell attack can be carried out in multiple environments, making it extremely complicated to defend against.

What do you think?

15 Points
Upvote Downvote

Written by Staff

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

human face in augmented or virtual reality glasses virtual reality headset vr helmet metaverse technology concept

Cybercriminals Exploit The Lack Of Regulation In The Metaverse

cyber attack malware wannacry ransowmare virus encrypted files and lock on cloud computer concept hacker is offering key to unlock data for money vector illustration of security technology

How to Prepare for a Potential Ransomware Attack?