The Role of Log4j in the Targeting of Vulnerability

The most leveraged exploit against vulnerability were against the F5 big IP firewall component, as well as looking at some of the VMware workspace access and identity managers appliances. The key here to remember is that even if you don't have something that is compatible with log4j that maybe has remained on patch perimeter devices pose a significant threat because of where it is placed within your environment. And again, I know how we saw them use it over and over again was maintaining persistence there to come back in to an organization and conduct Wiper-Mower attacks.