Threat Post

‘Long Live Log4Shell’: CVE-2021-44228 Not Dead Yet

The ubiquitous Log4j bug will be with us for years. John Hammond, senior security researcher at Huntress, discusses what’s next. Jen Easterly, the director of the Cybersecurity and Infrastructure ...
Bleeping Computer

Over 30% of Log4J apps use a vulnerable version of the library

Roughly 38% of applications using the Apache Log4j library are using a version vulnerable to security issues, including Log4Shell, a critical vulnerability identified as CVE-2021-44228 that carries ...
Computer Weekly

Top three questions about the Log4j vulnerability

In December 2021, a vulnerability in the open source Log4J logging service used by developers to monitor their Java applications first came to light, leaving enterprises scrambling to patch affected ...
techtimes

Log4j Scanner by CISA Has Been Released to Look for Security Vulnerabilities, Flaws from Apps

The scanner specifically looks for the critical vulnerabilities from the two Apache Log4j remote code executions, such as the CVE-2021-45046 and the CVE-2021-44228, as per the news story by Bleeping ...
Threat Post

Microsoft Sees Rampant Log4j Exploit Attempts, Testing

Microsoft says it’s only going to get worse: It’s seen state-sponsored and cyber-criminal attackers probing systems for the Log4Shell flaw through the end of December. No surprise here: The holidays ...
Becker's Hospital Review

CISA sounds alarms on most exploited cybersecurity vulnerabilities

The Cybersecurity and Infrastructure Security Agency issued an advisory April 27 warning organizations to apply timely patches and implement a centralized patch management system to reduce their risk ...
adtmag.com

Companies Facing FTC Legal Action Over Log4j Breaches

The U.S. Federal Trade Commission (FTC) intends to use its "full legal authority to pursue companies that fail to take reasonable steps to protect consumer data from exposure as a result of the Log4j ...