GIGAZINE

Log4j library zero-day vulnerability 'Log4Shell' is attacking vulnerable servers one after another, and you can do whatever you want, such as installing virtual currency miners ...

Log4Shell is a vulnerability found in the feature 'JNDI Lookup' that has been included since version 2.0 beta 9 of Log4j, which dynamically reads a class file from any LDAP server with a specific ...
PC Magazine

CISA: Hackers Continue to Exploit Log4Shell in Unpatched VMware Servers

VMware released patches related to Log4Shell, a vulnerability in a popular Java framework that left countless servers at risk, in December 2021. Yet the Cybersecurity and Infrastructure Security ...
PC Magazine

CISA: Hackers Continue to Exploit Log4Shell in Unpatched VMware Servers

I've been writing about tech, including everything from privacy and security to consumer electronics and startups, since 2011 for a variety of publications.
Dark Reading

One Year After Log4Shell, Most Firms Are Still Exposed to Attack

The Log4j vulnerability continues to present a major threat to enterprise organizations one year after the Apache Software Foundation disclosed it last November — even though the number of publicly ...
Bleeping Computer

US govt: Iranian hackers breached federal agency using Log4Shell exploit

The FBI and CISA revealed in a joint advisory published today that an unnamed Iranian-backed threat group hacked a Federal Civilian Executive Branch (FCEB) organization to deploy XMRig cryptomining ...
Homeland Security Today

Malicious Cyber Actors Continue to Exploit Log4Shell in VMware Horizon Systems

CISA and the United States Coast Guard Cyber Command (CGCYBER) have released a joint Cybersecurity Advisory (CSA) to warn network defenders that cyber threat actors, including state-sponsored advanced ...