Why Log4j Is Still The Problem When The Patch Is Released 6 Months Ago?

By   ISBuzz Team
Writer , Information Security Buzz | Jun 14, 2022 05:06 am PST

Log4j was one of the most widespread vulnerabilities of all time – however, 6 months after a patch arrived, the problem has not disappeared. Fresh data from Darktrace competitor ExtraHop, shows that cybercriminals are continually scanning for Log4j vulnerabilities.

The network detection and response (NDR) player tracked scan attempts for the Log4j vulnerabilities month by month, showing the volume of attempts by cybercriminals to take advantage of this widespread vulnerability:

  • December 2021: 20,000 scans
  • January 2022: 34,000 scans
  • February 2022: 128,000 scans
  • March 2022: 147,000 scans
  • April 2022: 159,000 scans
  • May 2022: 20,000 scans