How Can You Leave Log4J in 2021?
Jan 11, 2022
With the last month of 2021 dominated by the log4J vulnerabilities discovery, publication, and patches popping up in rapid succession, odds are you have patched your system against Log4J exploitation attempts. At least some systems, if not all. You might even have installed the latest patch – at the time of writing, that is 2.17.1, but, if the last rapid patching cycle persists, it might have changed by the time this is published. In the meantime, defenders might have been working overtime to plug Log4J born security gaps, but so did cyber-attackers. Log4J's well-deserved fame also alerted cyber-attackers to a potential entry pathway into their target. And, while log4J will hopefully vanish from the headlines, cyber-attackers are likely to continue trying to exploit it in the hope of finding unpatched or incompletely patched targets. As human error still accounts for 95% of all security breaches , cyber-attackers actively rely on these human errors to exploit them and take advant