Call it a “logjam” of threats: Attackers including nation-state actors have already targeted half of all corporate global networks in security companies’ telemetry using at least 70 distinct malware families — and the fallout from the Log4j vulnerability is just beginning.
Researchers manning keyboards all over the world have spent the past several days chasing attacks aimed at a now-infamous Log4j Java library bug, dubbed Log4Shell (CVE-2021-44228). Side note: Log4j is pronounced, “log forge” — although that’s disputed, because it’s also referred to in conversation as “log-four-jay.” Dealer’s choice there.
First discovered among Minecraft players last week, the newly discovered vulnerability has opened a massive opportunity for threat actors to hijack servers, mostly with coin miners and botnets, but also a cornucopia of other malware such as the StealthLoader trojan — and that’s just so far.

As we, as a community, deal with COVID-19 and the resulting impacts, Certified Solutions would like to express gratitude to our customers. Many of the folks we serve are in the business of keeping the UK running. They treat patients, deliver emergency response, keep the lights on, and keep commerce flowing. For the teams who work in healthcare, a heartfelt Thank You for all you are doing and what you will do going forward as we beat this virus together.

