Cybersecurity security agencies from the United States, United Kingdom, Australia, Canada and New Zealand have published the top 12 routinely exploited vulnerabilities in 2022.
In the past month, researchers from FortiLabs have detected a new cyber campaign involving Chinese Advanced Persistent Threat (APT) group Deep Panda that has exploited the Log4Shell (log4j) vulnerability CVE-2021-44228 on vulnerable VMware Horizon servers to install digitally signed Fire Chili rootkits.
Software giant SAP has released February 2022 Security Patch Day that includes 19 separate security advisories and patches, to include fixes for critical log4j and ICMAD vulnerabilities.
Software giant SAP has released January 2022 Security Patch Day that includes nine separate security advisories and patches, three of those were updates to previously released patches from December.
Threat hunters from CrowdStrike have discovered Aquatic Panda cyber gang using Log4Shell exploit tools in recent intrusion attempts against a customer.