A year ago, as Russia amassed troops at its border with Ukraine and the Covid-19 Omicron variant began to surge around the world, the Apache Software Foundation disclosed a vulnerability that set off ...

Hackers believed to be part of the Iranian APT35 state-backed group (aka 'Charming Kitten' or 'Phosphorus') has been observed leveraging Log4Shell attacks to drop a new PowerShell backdoor. The ...

A vulnerability in the open source Apache logging library Log4j sent system administrators and security professionals scrambling over the weekend. Known as Log4Shell, the flaw is exposing some of the ...

Security teams at companies large and small are scrambling to patch a previously unknown vulnerability called Log4Shell, which has the potential to let hackers compromise millions of devices across ...

The close of 2021 brought to light one of the biggest security vulnerabilities that cyber practitioners have seen in some time. I’m talking, of course, about Log4j, or Log4Shell as it’s otherwise ...

Tom Kellermann, VMware's head of cybersecurity strategy, said the Log4j vulnerability is one of the worst vulnerabilities he has seen in his career -- and one of the ...

Software dependencies and third-party products make detecting Log4j exploits tough, but this advice and some specialized tools can help. The string of vulnerabilities found over the past few weeks in ...

A bug in the ubiquitous Log4j library can allow an attacker to execute arbitrary code on any system that uses Log4j to write logs. Does yours? Yesterday the Apache Foundation released an emergency ...

An Iranian-aligned hacking group tracked as TunnelVision was spotted exploiting Log4j on VMware Horizon servers to breach corporate networks in the Middle East and the United States. Security analysts ...