ThreatSTOP Blog

ThreatSTOP launches exclusive Log4j infrastructure protection

Written by Ofir Ashman | January 12, 2022

Apache's Log4j (aka Log4Shell) starred in headlines around the turn of the year, and while the software company has released patches for the vulnerabilities found in Log4j so far, urgent warnings constantly remind us that the threat is still alive and kicking. In an update last week, the team at Microsoft Threat Intelligence Center (MSTIC) explained: "Exploitation attempts and testing have remained high during the last weeks of December. We have observed many existing attackers adding exploits of these vulnerabilities in their existing malware kits and tactics, from coin miners to hands-on-keyboard attacks."

On top of the still-ongoing abuse of the exploit, including targeted attacks by sophisticated adversaries, even organizations that have patched their systems for Log4j are still at risk. Although safe from abuse of the vulnerabilities known to the public, their networks may already have been compromised before the campaigns were uncovered.

At ThreatSTOP, we are fully committed to creating the absolute best protection for our users. We block threats from the most basic to the most advanced, solidly protecting our users' networks - both ways. Whether an attacker is trying to penetrate the network from the outside, or call home from inside a compromised network, the ThreatSTOP platform blocks their traffic at both the IP and domain level.

Our team is glad to announce that in addition to our 900+ threat intelligence feeds, we have added a new Log4j ThreatSTOP-curated feed with the latest indicators of compromise (IOCs) to ensure two-way protection from attacks using these vulnerabilities.

If you are a ThreatSTOP customer, add the Log4j IP and domain targets to your policy to get instant protection from this threat.

Not a ThreatSTOP user and want to try us out? Grab a demo to see the quick, immensely positive impact on your network security.