Attackers Exploit Log4j Flaws in Hands-on-Keyboard Attacks to Drop Reverse Shells

Microsoft has warned organizations that threat actors, including ransomware groups and nation state actors, are increasingly exploiting the remote code execution (RCE) vulnerabilities in Apache’s Log4j logging framework. The threat is widespread due to the common use of Log4j, a component in many Java applications. Microsoft reports broad exploit code and scanning capability availability. Many firms may be unaware they have already been compromised, and victims include internet-facing servers and SCADA systems. Despite updates and security measures, hidden vulnerabilities may still exist within applications.