Security News > 2022 > January > Kaspersky stopped more than 30,000 attempts to use the Log4Shell exploit in January
Cybersecurity company Kaspersky said it logged and blocked 30,562 attempts by hackers to use the Log4Shell exploit that was discovered in December 2021.
Log4Shell is an exploit that targets Apache's Log4j library, which is used to log requests for Java applications.
Some big-names have been found vulnerable, too: Apple, Twitter, Steam and others were all found to have unpatched versions of Log4j on their servers when news of the exploit went public.
Since the announcement of Log4Shell in December, Kaspersky said its products detected and prevented 154,098 attempts to scan and attack vulnerable devices, with most targets located in Russia, Brazil and the United States.
Luckily, Apache has already released an updated version of Log4j that closes the exploit.
An open-source tool from security provider WhiteSource was released that can detect Log4Shell vulnerabilities, and it's a good idea for organizations to download it, or a similar tool, to look for weak spots that you may not know you have.