Tag: Log4j
A year after the discovery of Log4j, the extreme vulnerability of organizations that have not applied the patches
If you have not yet applied the Log4j security patches, you can consider that your network is compromised, have just alerted in a joint security note the CISA, the American…
From SolarWinds to Log4j: The Global Impact of Today’s Cybersecurity Vulnerabilities
If companies have learned anything over the past year, it’s that the impact of targeted cyberattacks and security breaches is now widespread. From the fallout from the SolarWinds software supply…
Log4j, Exchange and Confluence vulnerabilities lead the ranking of the most exploited vulnerabilities
In 2021, the top 15 exploited vulnerabilities – observed by the US Cyber and Infrastructure Security Agency, US NSA, US FBI, Australian Center for Cybersecurity, Canadian Center for Cybersecurity, New…
Log4j: Attackers continue to target VMware Horizon servers
According to several cybersecurity firms, attackers are still targeting VMware Horizon servers through Log4j vulnerabilities. Two weeks ago, the UK’s National Health Service (NHS) issued a warning that an “unknown…
Log4j: the White House brings together the cream of tech to discuss the security of open source
A meeting should discuss how to secure open source, with, between the lines, the question of financing crucial projects for tech. In recent years, we have seen an accumulation of…
The hunt for the vulnerabilities of Log4j is proving to be particularly complex
Free software is ubiquitous today, but the Log4j flaw, which affects enterprise Java applications, is a reminder of what can go wrong in the complex supply chain of modern software.…
Warning level red because of Log4j: You have to do that now
CURRENT FRAUD WARNINGS December 13, 2021 at 12:57 pm The Federal Office for Information Security has declared the warning level red due to a security gap in the Java library…
Log4J: Crowdstrike identifies a cyberespionage campaign exploiting the Log4Shell flaw
Cyber security firm Crowdstrike has discovered an attempted infiltration of an academic institution by a China-based group, via the Log4J vulnerability. Crowdstrike dubbed the group “Aquatic Panda” and said it…
Log4j: White House asks companies to improve the security of open source software
The White House in January 2014, under the snow. Photo: The White House / Wikimedia Commons / CC0 – public domain The National Security Advisor to the President of the…
Ransomware: Conti is also interested in Log4J
The Shutterfly company reported a ransomware attack on Sunday. The incident was first reported by Bleeping Computer, indicating that the company had been attacked by the Conti ransomware group. In…
Log4j: the main suppliers rush to correct the flaws
The holiday season is shaping up to be busy for those patching systems affected by the critical vulnerability in the Java Log4j logging library. IBM has confirmed that several of…
Log4j: CISA and Crowdstrike publish their detection tool
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) released its own Log4J flaw detection tool this week, along with many other cybersecurity companies and researchers. Open source, this tool is…