A critical flaw patched in the Apache Commons Text library has sparked comparisons with the ‘Log4Shell’ bug that surfaced in the near-ubiquitous open source component Log4j...
The rush to patch systems affected by the landmark Log4Shell vulnerability has coincided with a wider improvement in patching rates for the most critical flaws, a...
A Log4Shell de-obfuscation tool that promises simple, rapid payload analysis without the risk of “critical side effects” has been showcased at Black Hat USA. The open source...
The ‘Log4Shell’ vulnerability in open source library Log4j has reached “endemic” proportions and the aftershock could reverberate for “a decade or longer”, according to a landmark US government...
“Vulnerable instances of Log4j will remain in systems for many years to come, perhaps a decade or longer,” the Cyber Safety Review Board (CSRB) has concluded....
If your organization is running VMware Horizon and Unified Access Gateway servers and you haven’t implemented the patches or workarounds to fix/mitigate the Log4Shell vulnerability (CVE-2021-44228)...
The North Korean hacking group known as Lazarus is exploiting the Log4J remote code execution vulnerability to inject backdoors that fetch information-stealing payloads on VMware Horizon...
It’s been over a year since the SolarWinds supply chain hack sent shockwaves through thousands of organizations worldwide, but this cybersecurity earthquake is by no means over. More...
It’s been four months since Log4Shell, a critical zero-day vulnerability in the ubiquitous Apache Log4j library, was discovered, and threat analysts warn that the application of...
Patches meant to protect containers Amazon Web Services (AWS) containers against the dangerous Log4Shell bug had critical vulnerabilities that could allow malicious containers to compromise the...
Recent Comments