Security News > 2024 > May > Log4Shell shows no sign of fading, spotted in 30% of CVE exploits

Organizations continue to run insecure protocols across their wide access networks, making it easier for cybercriminals to move across networks, according to a Cato Networks survey.
The Cato CTRL SASE Threat Report Q1 2024 provides insight into the security threats and their identifying network characteristics for all aggregate traffic-regardless of whether they emanate from or are destined for the internet or the WAN-and for all endpoints across sites, remote users, and cloud resources.
"As threat actors constantly introduce new tools, techniques, and procedures targeting organizations across all industries, cyber threat intelligence remains fragmented and isolated to point solutions," said Etay Maor, Chief Security Strategist at Cato Networks.
Once threat actors penetrate a network, they usually have less of a problem snooping critical data in transit across the network.
While zero-day threats earn much attention in the industry, threat actors often eschew the use of the latest vulnerabilities and instead exploit unpatched systems.
Three years after its discovery, Log4J remains one of the most used exploits and it was found across 30% of the outbound CVE exploitations observed.
News URL
https://www.helpnetsecurity.com/2024/05/14/log4j-wan-insecure-protocols/
Related news
- Russian Hackers Exploit CVE-2025-26633 via MSC EvilTwin to Deploy SilentPrism and DarkWisp (source)
- PoC exploit for critical Erlang/OTP SSH bug is public (CVE-2025-32433) (source)
- ⚡ Weekly Recap: Critical SAP Exploit, AI-Powered Phishing, Major Breaches, New CVEs & More (source)
- Cisco Patches CVE-2025-20188 (10.0 CVSS) in IOS XE That Enables Root Exploits via JWT (source)