New attacks targeting Apache Log4j vulnerabilities have been uncovered, including a newly-discovered JavaScript WebSocket attack. Ransomware is being used to deploy TellYouThePass, an old and until recently inactive ransomware family, mainly affecting Chinese victims. The U.S. Cybersecurity and Infrastructure Security Agency has required federal civilian departments and agencies to immediately patch their systems or implement appropriate mitigation measures. National-state attackers appear to be abusing or testing the Log4J vulnerability, while criminal groups are also targeting the flaw.”]
Source: https://www.inforisktoday.com/apache-log4j-new-attack-vectors-ransomware-seen-a-18152