More log4j vulnerability links

A few more links:

• Akamai’s security team published some interesting analysis of the log4j related traffics they’re seeing across their networks. Figure 1 is titled “A mild start, then a global tsunami of malicious activity”, which seems to capture the mood.
• ZDNet has a good primer for people just catching up, anchored around the UK NCSC advice to boards.
• Cisco Talos has a good omnibus page with lots of useful content. Their current guidance section is a useful summary of the three vulnerabilities and what the patches do to resolve them, and they also share examples of exploitation activity.
• The Belgian Defence Ministry has announced that they were affected by an attack using log4j. Original article, Google Translation
• Reports of an log4j and RMI exploit being used to download Dridex.