This article has been indexed from The Hacker News
Threat actors are actively weaponizing unpatched servers affected by the newly disclosed “Log4Shell” vulnerability in Log4j to install cryptocurrency miners, Cobalt Strike, and recruit the devices into a botnet, even as telemetry signs point to exploitation of the flaw nine days before it even came to light.
Netlab, the networking security division of Chinese tech giant Qihoo 360, disclosed
Read the original article: Apache Log4j Vulnerability — Log4Shell — Widely Under Active Attack