Anything you log can and will be used against you \r\n The Log4Shell vulnerability is here to stay. There is a lot of speculation about the scope and true impact of the vulnerability: While many have labeled it “severe,” information is limited on how widespread the risk is. In order to shed some light on the issue, Akamai Threat Labs is utilizing its visibility into numerous data centers worldwide to assess the actual risk Log4Shell poses to organizations. \r\n Key findings: \r\n \r\n Two-thirds of all inspected Java servers included a vulnerable Log4j \r\n \r\n 91% of the examined data centers run Java server-side applications; among them, more than 40% include internet-facing Java servers \r\n \r\n Looking at outbound communication patterns, the vast majority of Java applications examined communicate over few ports \r\n \r\n Analysis of outbound communication patterns can help organizations detect anomalous behavior, and mitigate some of the risk posed by Log4Shell \r\n \r\n \r\n For further analysis of…