What is Log4Shell and why is it still dangerous a year later?
A year ago, in December 2021, the Log4Shell vulnerability (CVE-2021-44228) in the Apache Log4j library caused a sensation. Although by the spring it was no longer on the front pages of IT media outlets, in November 2022 it reemerged when it was reported that cybercriminals had exploited the vulnerability to attack a US federal agency…