Here you will find all the articles with the tag: log4j.
About just over a third of enterprise applications that rely on Log4j libraries are still using a version vulnerable to Log4Shell. That's according to figures from Veracode. Many companies still have not addressed the Log4j vulnerability in their applications, which has been known for two years,... Read more
5 months ago
Log4Shell hit the market hard at the end of 2021. According to a recent story we published, it's still one of the biggest vulnerabilities, 18 months after it initially appeared. How serious is the threat of Log4Shell in 2023? Log4Shell continues to haunt us. The exploitation of a vulnerability i... Read more
12 months ago
According to Arctic Wolf research, the Log4Shell vulnerability is still being massively abused a year after it was identified. Arctic Wolf collected data on global threats, malware, digital forensics and incident response (IR) cases. This to determine the key threat trends of 2022. "Arctic Wolf ... Read more
1 year ago
A third of all Log4j instances remains unpatched more than four months after the discovery of a highly critical vulnerability. Qualys research shows that about 30 percent of all applications, servers and systems running Log4j are still prone to Log4Shell, the infamous vulnerability. Remote hacke... Read more
2 years ago
The malware uses DNS tunneling for communications A recently discovered botnet under active development targets Linux systems, attempting to ensnare them into an army of bots ready to steal sensitive info, installing rootkits, creating reverse shells, and acting as web traffic proxies. The ne... Read more
2 years ago
The state sponsored TunnelVision group exploits critical Log4j flaw to infect targets with ransomware. Hackers aligned with the government of Iran are exploiting the critical Log4j vulnerability to infect unpatched VMware users with ransomware, researchers said this week. Security firm Sentin... Read more
2 years ago
SAP released patches for a series of vulnerabilities in its software portfolio. Multiple critical Log4j vulnerabilities were resolved. Most of the vulnerabilities were discovered by security specialist Onapsis. Onapsis found so-called ICMAD vulnerabilities that allow attackers to perform various... Read more
2 years ago
BlackBerry security researchers conclude that hacking group Prophet Spider is actively exploiting a Log4j vulnerability in unpatched VMware Horizon servers. In December 2021, VMware published a patch to fix a Log4j vulnerability in VMware Horizon. A month later, a UK government security team war... Read more
2 years ago
VMware is rushing to convince customers to apply the latest security guidance. According to several cybersecurity companies monitoring the situation, attackers are still targeting VMware Horizon servers through Log4J vulnerabilities. Two weeks ago, the UK's National Health Service (NHS)... Read more
2 years ago
A Log4j investigation led Microsoft to a new vulnerability related to the infamous SolarWinds attack of 2020. Microsoft states that the search for various Log4j vulnerabilities yielded a welcome byproduct. During a recent investigation, researchers stumbled upon a previously unknown vulnerabilit... Read more
2 years ago
