Log4j was one of the most widespread vulnerabilities of all time – however, 6 months after a patch arrived, the problem has not disappeared. Fresh data from Darktrace competitor ExtraHop, shows that cybercriminals are continually scanning for Log4j vulnerabilities.
The network detection and response (NDR) player tracked scan attempts for the Log4j vulnerabilities month by month, showing the volume of attempts by cybercriminals to take advantage of this widespread vulnerability:
- December 2021: 20,000 scans
- January 2022: 34,000 scans
- February 2022: 128,000 scans
- March 2022: 147,000 scans
- April 2022: 159,000 scans
- May 2022: 20,000 scans
The opinions expressed in this post belongs to the individual contributors and do not necessarily reflect the views of Information Security Buzz.