Threat Post

Log4Shell Vulnerability Targeted in VMware Servers to Exfiltrate Data

CISA warns that threat actors are ramping up attacks against unpatched Log4Shell vulnerability in VMware servers. The Cybersecurity and Infrastructure Security Agency (CISA) and Coast Guard Cyber ...
ZDNet

These hackers used Log4Shell vulnerability to target US energy firms

State-backed hackers behind the infamous crypto-stealing group Lazarus are now using the Log4Shell flaw to breach energy firms in North America and Japan for purposes of espionage. Cisco's Talos ...
HHS

FritzFrog Botnet Exploits Log4Shell

Delivering more proof that the Log4Shell vulnerability is endemic, Akamai researchers detected botnet malware updated to use the flaw as an infection vector, supplementing its usual remote login brute ...
VentureBeat

CISA warns that Log4Shell remains a threat

Join our daily and weekly newsletters for the latest updates and exclusive content on industry-leading AI coverage. Learn More Last week, the Cybersecurity and Infrastructure Security Agency (CISA) ...
Dark Reading

FritzFrog Botnet Exploits Log4Shell on Overlooked Internal Hosts

A new variant of an advanced botnet called "FritzFrog" has been spreading via Log4Shell. It's been more than two years since the critical vulnerability in Log4j was first unleashed unto this earth, ...
techtimes

CISA Issues New Log4Shell Risk Warning, Saying ALL VMWare Systems Unpatched Since 2021 as Compromised

CISA issues a new Log4Shell risk warning since the cybersecurity agency believes many VMWare systems are still vulnerable to this flaw. A participant uses a laptop computer as he takes part in the ...
techtimes

Lazarus Group Still Exploits Log4Shell: What Are Andariel's Recent Cyberattacks?

North Korean hackers remain relentless in exploiting the Log4Shell vulnerability worldwide. Recent reports reveal that these hackers, operating under the guise of "Andariel" within the Lazarus ...
Times Union

What is Log4j? A cybersecurity expert explains the latest internet vulnerability, how bad it is and what's at stake

Log4Shell, an internet vulnerability that affects millions of computers, involves an obscure but nearly ubiquitous piece of software, Log4j. The software is used to record all manner of activities ...
Tech.co

2021 Saw More Network Attacks Than Ever Despite Fewer Vulnerabilities

In 2021, the number of serious network vulnerabilities dropped almost 10% from the previous year, a new report found. Sounds good, right? But, across the same period, actual network attacks jumped 15% ...
Computer Weekly

Log4Shell on its way to becoming ‘endemic’

The Log4Shell vulnerability in Apache Log4j, which caused consternation across the technology industry when it surfaced at the end of 2021, will be with us for a long time to come, perhaps as long as ...
ZDNet

Log4j flaw: Why it will still be causing problems a decade from now

Despite a well-coordinated effort to rally organizations to patch to the major open-source software flaw, cybersecurity officials don't see an end to the Log4Shell problems for at least a decade. That ...
Government Technology

What We Learned from the Worst Cyber Vulnerabilities of 2021

Cybersecurity authorities in the U.S. and several other countries recently released a list of the 15 most “routinely exploited” vulnerabilities of 2021. Organizations should have already defended ...