Threat actors are attempting to exploit the newly disclosed Log4j flaw to deploy ransomware, remote access Trojans, and Web shells on vulnerable systems. CrowdStrike says it has observed a nation-state actor make moves that suggest an interest in exploiting the flaw. Security experts consider the flaw especially troubling because it is relatively easy to exploit and gives attackers complete control of any system running a vulnerable application. The latest developments heighten the urgency for organizations to update to the new version of the logging framework that the Apache Foundation released Dec. 10.”]