This is usually not something to worry about - it isn't necessarily an actual attack. The ^null$
"attack" is simply a client connection terminating without sending any HTTP request (i.e. a connection is established to your web server, but no request is received).
If you had multiple attempts on your server from a single IP, or many ^null$
entries per IP, then you may have evidence of a concerted attempt. As it is, I would suggest you can safely ignore the example log you've given above.