Dec 29, 2021 - Technology
Attackers in China using open-source Log4j flaw
A group of Chinese attackers has been using the massive vulnerability in Log4j, a common piece of open-source code, to target a large academic institution, CrowdStrike says.
Why it matters: Experts say hundreds of millions of systems are vulnerable and that attacks based on the flaw are continuing.
The latest: CrowdStrike said its software observed an attack that exploited the Log4j flaw in software from VMware.
- The attack came from a China-based group dubbed Aquatic Panda that has been conducting intelligence gathering and industrial espionage, CrowdStrike said.
The big picture: Some security experts, including Cybersecurity and Infrastructure Security Agency (CISA) head Jen Easterly, have called the flaw among the worst they have ever seen.
- Experts have told Axios the Log4j flaw is especially pernicious because the open-source software is widely used within business software and networking gear — often without companies even knowing it is being used. On top of that, the flaw is easily exploited and can provide extensive access.
Be smart: CISA is maintaining a list of known affected products.