Here you will find all the articles with the tag: log4j.
A third of all Log4j instances remains unpatched more than four months after the discovery of a highly critical vulnerability. Qualys research shows that about 30 percent of all applications, servers and systems running Log4j are still prone to Log4Shell, the infamous vulnerability. Remote hacke... Read more
11 months ago
The malware uses DNS tunneling for communications A recently discovered botnet under active development targets Linux systems, attempting to ensnare them into an army of bots ready to steal sensitive info, installing rootkits, creating reverse shells, and acting as web traffic proxies. The ne... Read more
11 months ago
The state sponsored TunnelVision group exploits critical Log4j flaw to infect targets with ransomware. Hackers aligned with the government of Iran are exploiting the critical Log4j vulnerability to infect unpatched VMware users with ransomware, researchers said this week. Security firm Sentin... Read more
12 months ago
SAP released patches for a series of vulnerabilities in its software portfolio. Multiple critical Log4j vulnerabilities were resolved. Most of the vulnerabilities were discovered by security specialist Onapsis. Onapsis found so-called ICMAD vulnerabilities that allow attackers to perform various... Read more
12 months ago
BlackBerry security researchers conclude that hacking group Prophet Spider is actively exploiting a Log4j vulnerability in unpatched VMware Horizon servers. In December 2021, VMware published a patch to fix a Log4j vulnerability in VMware Horizon. A month later, a UK government security team war... Read more
1 year ago
VMware is rushing to convince customers to apply the latest security guidance. According to several cybersecurity companies monitoring the situation, attackers are still targeting VMware Horizon servers through Log4J vulnerabilities. Two weeks ago, the UK's National Health Service (NHS)... Read more
1 year ago
A Log4j investigation led Microsoft to a new vulnerability related to the infamous SolarWinds attack of 2020. Microsoft states that the search for various Log4j vulnerabilities yielded a welcome byproduct. During a recent investigation, researchers stumbled upon a previously unknown vulnerabilit... Read more
1 year ago
Docker's software supply chain becomes more secure by providing a secure container registry to mitigate inherent risks Mirantis has just launched a new product, Secure Registry 3.0, to deploy and build secure registries across any Kubernetes distribution. The in-built security features let custo... Read more
1 year ago
Google and IBM see public-private partnerships as the solution to identifying and securing vulnerable open source software. "Open source software should receive the same funding as bridges and roads", said Kent Walker, Chief Legal Officer at Google. IBM and Google presented the solution during a... Read more
1 year ago
The UK's National Health Service (NHS) has issued a warning stating that hackers are actively exploiting Log4j vulnerabilities in unpatched VMware Horizon servers. Log4j vulnerabilities are everything but a concern of the past. The problem continues to claim victims. The UK NHS recently issued a... Read more
1 year ago
