In December 2021, researchers uncovered a critical zero-day vulnerability, dubbed Log4Shell, used by millions of Java applications. Log4shell quickly became infamously known as the vulnerability of the year, even ranking ten out of ten on the CVSSv3 severity scale.
Although the Apache Foundation released a patch for this CVE shortly after its discovery, the first wave of attacks was just the beginning as cybercriminals managed to circumvent the patch, integrating the vulnerability into their toolkits to exploit Log4Shell.
In this webinar, Costin Raiu, the head of Kaspersky’s Global Research and Analysis Team (GReAT), and Markus Neis, threat intelligence lead at Swisscom, share their insights about the details of the Log4Shell attack.
Watch this webinar and learn:
- Why Log4Shell is so dangerous
- What an attack exploiting Log4Shell looks like
- What the latest observed dynamics in Log4Shell activity are
- What actions are most effective for detecting and mitigating the Log4Shell vulnerability
This presentation originally aired at the fifth online Quarterly Cyber Threat Report event held by The Centre for Cybersecurity Belgium, where security experts from around the world discussed why and how we should change our views on vulnerability management. You can find other webinars from the event on the CCB LiveStorm page.
To view the webinar please register or sign in on Securelist.
