On December 9, 2021, a critical zero-day vulnerability affecting Apache’s Log4j2 library, a Java-based logging utility, was disclosed to the world and broke the internet. As the third most used ...

The discovery, which affects services running as localhost that aren’t exposed to any network or the internet, vastly widens the scope of attack possibilities. Defenders will once again be busy ...

Takeaway: CISA and CGYBER recommend all organizations who did not immediately apply available patches to assume Log4Shell compromise and initiate threat hunting activities. In December 2021, the world ...

North Korean hackers are still exploiting Log4Shell around the world. And lately, they're using that access to attack organizations with one of three new remote access Trojans (RATs) written in the ...

Researchers from CrowdStrike disrupted an attempt by the threat group to steal industrial intelligence and military secrets from an academic institution. Cyber criminals, under the moniker Aquatic ...

North Korean hackers remain relentless in exploiting the Log4Shell vulnerability worldwide. Recent reports reveal that these hackers, operating under the guise of "Andariel" within the Lazarus ...

Software dependencies and third-party products make detecting Log4j exploits tough, but this advice and some specialized tools can help. The string of vulnerabilities found over the past few weeks in ...

Bernd Greifeneder is the CTO and Founder of Dynatrace, a software intelligence company that helps to simplify enterprise cloud complexity. Rarely has an obscure piece of open-source code captured the ...

The Log4Shell critical vulnerability that impacted millions of enterprise applications remains a common cause for security breaches a year after it received patches and widespread attention and is ...