Wired

The FTC Wants Companies to Find Log4j Fast. It Won't Be Easy

On December 9, when the Apache Software Foundation disclosed a massive vulnerability in Log4j, its Java logging library, it triggered a cat-and-mouse game as IT professionals raced to secure their ...
Bleeping Computer

New Linux botnet exploits Log4J, uses DNS tunneling for comms

A recently discovered botnet under active development targets Linux systems, attempting to ensnare them into an army of bots ready to steal sensitive info, installing rootkits, creating reverse shells ...