Microsoft warns of continued Log4j attacks

Microsoft has warned that the Log4j vulnerabilities pose a high risk for companies worldwide, as the open-source component is widely used. Attackers have been exploiting these vulnerabilities, with increasing exploitation attempts towards December end. Various attacks, including installing coin miners and collecting sensitive data, are executed once access is gained through Log4j. While ransomware attacks didn’t increase, initial access brokers’ interest in the vulnerability was observed, indicating potential network access sales on cybercriminal forums. Attacks may go unnoticed due to the broad impact of the vulnerability, necessitating ongoing vigilance, Microsoft warned.