ZDNet

Log4j zero-day flaw: What you need to know and how to protect yourself

Accelerate your tech game Paid Content How the New Space Race Will Drive Innovation How the metaverse will change the future of work and society Managing the ...
TechRepublic

Log4j: How to protect yourself from this security vulnerability

The Log4j security vulnerability known as Log4Shell is shaping up to be one of the worst security flaws of the year, potentially affecting millions of applications and painting a bullseye on unpatched ...
CRN

12 Cybersecurity Vendors Susceptible To The Log4j Vulnerability

Vulnerable Log4j code can be found in products from prominent identity vendors like CyberArk, ForgeRock, Okta and Ping Identity, as well as SMB-focused security companies like Fortinet, SonicWall, and ...
TechSpot

Microsoft Defender gets new functions to fight Log4j

In brief: Microsoft has announced updates for cloud-based versions of its security software to fight the Log4j vulnerability. Log4j has mostly been patched but can still affect some servers that could ...
CSOonline

Detect and Remediate the Exploitation of the Log4j Vulnerability

Most likely bad actors already knew about this prior to December 9 th as it’s been reported that the vulnerability was exposed much earlier in Minecraft chat forums. The vulnerability exposes how the ...
Redmond Magazine

Microsoft Sentinel Gets Log4j Exploit Detector Preview

Microsoft added a preview solution in Microsoft Sentinel that helps IT pros find signs of Log4j exploits, according to a Thursday announcement and Twitter post. The Log4j exploit detection preview ...
CRN

Ransomware Gang Hijacking Log4j Bug To Hit Minecraft Servers

Outside of the ransomware space, Iranian hacking group APT 35 has attempted to exploit the Log4j flaw against seven targets in the Israeli government and business sector over the past day, Check Point ...
Dark Reading

What to Do While Waiting for the Log4j Updates

Researchers are warning that attackers are actively exploiting the newly publicized unauthenticated remote code execution vulnerability in Log4j, the Java-based logging tool from Apache. While the ...
Dark Reading

40% of Corporate Networks Targeted by Attackers Seeking to Exploit Log4j

Early concerns about the Log4j vulnerability posing one of the biggest threats to Internet security in recent memory are quickly being confirmed with exploits and exploit activity targeting the flaw ...
The Next Web

The Log4j bug exposes a bigger issue: Open-source funding (Updated)

Update (December 14 ,2021): We’ve updated this article with information about the new Log4j version release, along with new exploit vectors, and risks related to all Java versions. While you were ...
CSOonline

CISA sees no significant harm from Log4j flaws but worries about future attacks

The U.S. cybersecurity agency can't rule out that adversaries are using Log4j to gain persistent access to launch attacks later. Officials at the U.S. Cybersecurity and Infrastructure Security Agency ...