The Bitdefender Threat Debrief (BDTD) is a monthly series analyzing threat news, trends, and research from the previous month. You can find all previous debriefs here.
Highlight of the month: Log4Shell/Log4j vulnerability
On December 9, 2021, Apache disclosed CVE-2021-44228, a remote code execution vulnerability that was assigned a severity of 10 (the highest possible risk score).
The source of the vulnerability is Log4j, a logging library used by a wide range of applications. Log4j is widely used by other frameworks, such as Elasticsearch, Kafka and Flink, that are foundational for many popular web sites and services, and it is also a common component in custom enterprise systems.
We covered the impact on Bitdefender products and services, and also worked with Bitdefender Labs to provide a deep-dive overview and the types of attacks seen in the field.
Spear phishing attacks are often used as an initial attack vector. Ransomware infection is often the final stage of the same kill chain. For this report, we analyzed malware detections collected in November 2021