On December 15th a subsequent vulnerability, CVE-2021-45046 has been discovered in the patch that Apache released for Log4j that may allow attackers to launch a DOS attack by adding malicious input data through a JNDI lookup pattern. We expect that subsequent CVEs may be discovered over the coming days and will continue to provide updates to support detection and remediation of post-compromise threat activity.
Read More