Champagne bottles stayed corked as development and security teams spent the New Year in a dystopian fight for survival with cybercriminals intent to exploit a hole in the Log4j open source library. Where do things stand now? We survey the (threat) landscape.
The New Year is traditionally a time for “ringing out the old” and “ringing in the new'' - for taking stock of what came before and what waits ahead.
Unfortunately, IT and security teams didn’t have that kind of luxury this New Year. Instead, they put the party hats and champagne aside and spent the New Year in something like a dystopian fight for survival. Their adversaries? Hacking and ransomware crews anxious to exploit Log4Shell, a “10 out of 10” remotely exploitable vulnerability in the ubiquitous Log4j open source logging library.
So how did that turn out? And what did a couple weeks away from the office buy us in cyber resilience? Here’s what things look like from where we’re standing:
Article Link: Here’s What Happened with Log4Shell While You Were Out