Another Apache Log4j Vulnerability Is Actively Exploited in the Wild
On December 9, 2021, a cloud security administrator for the e-commerce giant Alibaba discovered a major security vulnerability that sent cybersecurity teams across the globe scrambling to develop an antidote. Known as Log4j, this Remote Code Execution (RCE) vulnerability lets a remote attacker execute arbitrary code on an affected server—potentially wreaking havoc on IT infrastructure and compromising data security and user privacy. Read the blog for a comprehensive overview of what the Log4j threat entails and for an introduction to the tools and tactics necessary to combat it. Contact a Storm7 Labs Palo Alto Networks consultant to discuss next steps.