Tag: log4j

Here you will find all the articles with the tag: log4j.

Nearly 4,000 organizations still vulnerable to Log4Shell

Nearly 4,000 organizations still vulnerable to Log4Shell

About just over a third of enterprise applications that rely on Log4j libraries are still using a version vulnerable to Log4Shell. That's according to figures from Veracode. Many companies still have not addressed the Log4j vulnerability in their applications, which has been known for two years,... Read more

date2 months ago
Log4Shell in 2023: big impact still reverberates

Log4Shell in 2023: big impact still reverberates

Log4Shell hit the market hard at the end of 2021. According to a recent story we published, it's still one of the biggest vulnerabilities, 18 months after it initially appeared. How serious is the threat of Log4Shell in 2023? Log4Shell continues to haunt us. The exploitation of a vulnerability i... Read more

date10 months ago
Log4Shell still a big problem after nearly a year and a half

Log4Shell still a big problem after nearly a year and a half

According to Arctic Wolf research, the Log4Shell vulnerability is still being massively abused a year after it was identified. Arctic Wolf collected data on global threats, malware, digital forensics and incident response (IR) cases. This to determine the key threat trends of 2022. "Arctic Wolf ... Read more

date11 months ago
New Linux botnet exploits Log4j

New Linux botnet exploits Log4j

The malware uses DNS tunneling for communications A recently discovered botnet under active development targets Linux systems, attempting to ensnare them into an army of bots ready to steal sensitive info, installing rootkits, creating reverse shells, and acting as web traffic proxies. The ne... Read more

date2 years ago
Iranian state hackers attack VMware Horizon servers

Iranian state hackers attack VMware Horizon servers

The state sponsored TunnelVision group exploits critical Log4j flaw to infect targets with ransomware. Hackers aligned with the government of Iran are exploiting the critical Log4j vulnerability to infect unpatched VMware users with ransomware, researchers said this week. Security firm Sentin... Read more

date2 years ago

SAP patches several critical Log4j vulnerabilities

SAP released patches for a series of vulnerabilities in its software portfolio. Multiple critical Log4j vulnerabilities were resolved. Most of the vulnerabilities were discovered by security specialist Onapsis. Onapsis found so-called ICMAD vulnerabilities that allow attackers to perform various... Read more

date2 years ago
‘Log4j in VMware Horizon is being exploited by access brokers’

‘Log4j in VMware Horizon is being exploited by access brokers’

BlackBerry security researchers conclude that hacking group Prophet Spider is actively exploiting a Log4j vulnerability in unpatched VMware Horizon servers. In December 2021, VMware published a patch to fix a Log4j vulnerability in VMware Horizon. A month later, a UK government security team war... Read more

date2 years ago
Log4J hackers continue targeting VMware Horizon servers

Log4J hackers continue targeting VMware Horizon servers

VMware is rushing to convince customers to apply the latest security guidance. According to several cybersecurity companies monitoring the situation, attackers are still targeting VMware Horizon servers through Log4J vulnerabilities.  Two weeks ago, the UK's National Health Service (NHS)... Read more

date2 years ago
1 2 3