The Log4j vulnerabilities CVE-2021-44228 and CVE-2021-45046 remain a significant threat. Although they were discovered in late 2021, vulnerable instances of Log4j are still being actively exploited. That persistence shows how hard it is to achieve widespread adoption of patches, even for critical vulnerabilities, and why prompt patching, proactive security practices and ongoing vigilance over software components with known vulnerabilities matter.
Perfctl, a stealthy and persistent Linux malware, has been circulating since at least 2021, infecting thousands of machines. It leverages a range of tactics, including exploiting common misconfigurations and known vulnerabilities, to gain access to vulnerable systems. The malware, which has a high success rate in avoiding detection, uses a naming convention similar to common Linux tools to blend in with legitimate processes. The attackers exploit vulnerabilities like CVE-2023-33246 in Apache RocketMQ, a widely used messaging and streaming platform, to establish a foothold. Perfctl is primarily used for cryptocurrency mining, stealing processing power from infected machines.
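
The naming trick described above can be hunted for by comparing process names with the location of their executables. The following is an added example, not code from the original page or from any vendor report; the tool list, trusted directories, similarity cutoff and sample process records are all assumptions constructed for illustration.

```python
import difflib

# Assumed allow-list of directories where system tools normally live.
TRUSTED_DIRS = ("/usr/bin/", "/usr/sbin/", "/bin/", "/sbin/")
# Assumed short list of common tool names a process might imitate.
KNOWN_TOOLS = ["sh", "sshd", "perf", "top", "cron", "sysctl"]

# Constructed sample records: (pid, process name, executable path).
SAMPLE_PROCS = [
    (101, "sshd", "/usr/sbin/sshd"),
    (202, "perfctl", "/tmp/example/perfctl"),
    (303, "sh", "/dev/shm/sh"),
    (404, "myapp", "/opt/myapp/bin/myapp"),
]


def find_masquerading(procs, tools=KNOWN_TOOLS, trusted=TRUSTED_DIRS, cutoff=0.7):
    """Return (pid, name, exe, imitated_tool) for processes whose name equals
    or closely resembles a known tool but whose binary is outside trusted dirs."""
    findings = []
    for pid, name, exe in procs:
        if exe.startswith(trusted):
            continue  # binary lives where system tools are expected
        # Fuzzy match catches look-alikes as well as exact name reuse.
        match = difflib.get_close_matches(name, tools, n=1, cutoff=cutoff)
        if match:
            findings.append((pid, name, exe, match[0]))
    return findings


if __name__ == "__main__":
    for finding in find_masquerading(SAMPLE_PROCS):
        print("pid=%d name=%s exe=%s resembles=%s" % finding)
```

On a live host the records would come from the process table (name and resolved executable path per PID); a hit is a lead for triage, since legitimately installed software outside the trusted directories can also match.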