It has been the Apache Log4j vulnerability that has been worrying the internet world in recent weeks. A malware that emerged at the end of the year which, according to the experts of Check Point Research, affected 48.3% of organizations globally. First reported on December 9, in the Apache Log4j log package – the most popular Java library with over 400,000 downloads – the vulnerability has been of great concern, impacting nearly half of companies worldwide in a short time.
Attackers are able to exploit vulnerable apps to run cryptojackers and other malware on compromised servers. Until now, most attacks have focused on using cryptomining at the expense of the victims, however, hackers have started acting aggressively and targeting high-level targets.
To know more: Cybersecurity, follow the attacks in real time
“Log4j dominated the headlines in December. It is one of the most serious vulnerabilities we have ever seen, and due to the complexity in the patch and its ease of exploitation, it is likely to stay with us for many years, unless companies take immediate steps to prevent attacks. ” said Maya Horowitz, Check Point Software’s VP Research.
Horowitz also explained that, also in December, “we saw the Emotet botnet move from seventh most widespread malware to second place. Just as we suspected, Emotet hasn’t taken long to bully return since he reappeared in November. It is elusive and spreading fast through phishing emails with malicious attachments or links. Now it’s more important than ever to have a robust email security solution and make sure users know how to identify a suspicious-looking message or attachment. ‘