• Skip to primary navigation
  • Skip to main content
  • Skip to primary sidebar
  • Skip to footer

My TechDecisions

  • COVID-19 Update
  • Best of Tech Decisions
  • Topics
    • Video
    • Audio
    • Mobility
    • Unified Communications
    • IT Infrastructure
    • Network Security
    • Physical Security
    • Facility
    • Compliance
  • RFP Resources
  • Resources
  • Podcasts
  • Subscribe
  • Project of the Week
  • Latest News
  • About Us
    SEARCH
IT Infrastructure, Network Security, News

Google Reports 400,000 Daily Log4j scans

Google says it is continuing to see as many as 400,000 daily scans for Log4j vulnerabilities against Google Cloud.

February 22, 2022 Zachary Comeau Leave a Comment

Google says there are as many as 400,000 scans for Log4j vulnerabilities against Google Cloud each day, suggesting that IT professionals need to continue to be vigilant and ensure that they remediate vulnerable systems.

The claim comes in Google’s Threat Horizons Executive Snapshot this month, a quarterly report from the company’s Cybersecurity Action Team. Google Cloud continues to see 400,000 scans each day, and the company believes other cloud providers are seeing similar, if not more, scanning levels.

It’s unclear whether the scanning is primarily on behalf of security researchers or adversaries, but what is clear is that this vulnerability is not simply going away any time soon as both groups continue to scan for vulnerable Log4j instances.

According to Google, the company is continuing to see 400,000 scans for Log4j vulnerabilities against Google Cloud each day, and similar scanning levels against all provides are widely expected.

The company says threat actors are predominantly targeting ports 80 and 443 with scanners sending payloads to many other ports with attack payloads largely using Lightweight Direct Access Protocol (LDAP) servers listening mostly on TCP ports 389 and 1389.

Google adds that threat actors are refining ways of obfuscating the Log4j format string, starting with jndi:ldap://” and moving more difficult to parse strings.

“Adversaries and researchers alike are continuing to scour the web looking for vulnerable instances of Log4j,” Google report says. “As a result, service providers have been and continue to work with their cloud customers to ensure the infrastructure is secure as well as check the status of customer-installed tools and third-party dependencies in their environments to see if they are affected. While adversaries continue to knock on this door, observations have shown that they are opting to use known open-source tools, native Cloud services, and previously established domains for persistence in their attacks.”

Google points Google Cloud admins to several Google Cloud-specific mitigations, including the company’s Cloud Armor solution, Java scanning feature, and threat hunting tools.

Read the company’s report for more mitigations.

Tagged With: Google, Log4j

Related Content:

  • Google Password Manager Google Updates Password Manager For Unified Experience
  • VMware vSphere+ vSAN+ VMware Releases vSphere+ and vSAN+ to Enhance On…
  • Microsoft Cybersecurity Architect Expert Microsoft Adds New Expert-level Cybersecurity Architect Certification
  • Microsoft Basic Auth Prepare: Microsoft Begins Disabling Basic Auth in Exchange…

Free downloadable guide you may like:

  • Uber Advanced Technologies Group Drives its Business Forward

    The guiding principle for the new Uber meeting room redesign was “invisible comfort” to ensure that everyone could maximize productivity.

Reader Interactions

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Get the FREE Tech Decisions eNewsletter

Sign up Today!

Latest Downloads

Uber Advanced Technologies Group Drives its Business Forward

The guiding principle for the new Uber meeting room redesign was “invisible comfort” to ensure that everyone could maximize productivity.

Windows 11
Blueprint Series: Upgrading to Windows 11

Upgrading end users to Windows 11 could be one of the most challenging tasks IT has to face in the coming years. Although the new version is touted...

The State of the IT Department in 2022

The role of the IT professional has shifted from one that supports the business to one that is deserving of a seat at the table when it comes to ma...

View All Downloads

Would you like your latest project featured on TechDecisions as Project of the Week?

Apply Today!
Sharp Microsoft Collaboration HQ Logo

Learn More About the
Windows Collaboration Display

More from Our Sister Publications

Get the latest news about AV integrators and Security installers from our sister publications:

Commercial IntegratorSecurity Sales

AV-iQ

Footer

TechDecisions

  • Home
  • Welcome to TechDecisions
  • Subscribe to the Newsletter
  • Contact Us
  • Media Solutions & Advertising
  • Comment Guidelines
  • RSS Feeds
  • Twitter
  • Facebook
  • Linkedin

Free Technology Guides

FREE Downloadable resources from TechDecisions provide timely insight into the issues that IT, A/V, and Security end-users, managers, and decision makers are facing in commercial, corporate, education, institutional, and other vertical markets

View all Guides
TD Project of the Week

Get your latest project featured on TechDecisions Project of the Week. Submit your work once and it will be eligible for all upcoming weeks.

Enter Today!
Emerald Logo
ABOUTCAREERSAUTHORIZED SERVICE PROVIDERSTERMS OF USEPRIVACY POLICY

© 2022 Emerald X, LLC. All rights reserved.