Heather Adkins
The 2021 Log4j bugs represent an endemic vulnerability we will be battling for a long time. Good data from Arctic Wolf. 11% of their breaches. Significant use by Ransomware groups. https://arcticwolf.com/resources/blog/log4j-retrospective/
A Log4Shell (Log4j) Retrospective - Arctic Wolf

As we approach the one-year anniversary of the Log4Shell vulnerability Arctic Wolf Labs looks back on the impact this critical vulnerability continues to have on organizations.

Arctic Wolf
Dec 11, 2022 at 5:52pmWeb
Show threadTodd JordanDec 11, 2022

@argv I'm thankful the company I work for which I do not speak on behalf of has been assertive about going after Log4J vulnerabilities across all platforms. We've had multiple follow ups.

I was personally surprised how common this risk was.

Show threadPatrick CoyleDec 11, 2022
@argv Sad to see that term 'endemic vulnerability'. Much easier to protect cyber systems than human beings, especially when the vulnerability is well documented as is the fix.