Tag: Log4shell
Log4Shell remains a favorite in the cybercriminal arsenal
The flaw in the Log4j component, known as “Log4Shell”, should have been fixed by the organizations several months ago. But some systems that remained vulnerable are still being used by…
Log4Shell used to infect VMware Horizon servers with backdoors and cryptocurrency miners
The Log4Shell vulnerability is still exploited to provide backdoors and cryptocurrency miners to vulnerable VMware Horizon servers. On Tuesday, cybersecurity researchers at Sophos revealed that the attacks first detected in…
Log4Shell: An inventory
Many observers from the security scene rated the Log4Shell vulnerability as one, if not the greatest software vulnerability of all. Even the initial CVSS score of 10 made most admins…
Ukraine: the Log4shell flaw exploited to “destabilize the country”
The context and scale of the cyberattack that has targeted Ukraine since January 14 are becoming clearer. According to Ukrainian intelligence and police, the hackers notably used the Log4shell flaw…
Botnet, coin miners, ransomware: where is the Log4Shell threat?
The Log4shell flaw is far from a thing of the past. Microsoft cybersecurity teams point to massive exploitation of the vulnerability in multiple forms. The year 2022 is off to…
Monday: Y2K22 bug & Log4Shell security vulnerability affect e-mail & server
At the beginning of the year, we are still dealing with bugs and security vulnerabilities. The Y2K22 bug, which causes Exchange mail delivery to stumble and for which there have…
Log4Shell: VPN provider implements protection for its users
VPN December 14, 2021 at 3:33 pm The VPN provider ExpressVPN said it was the first service to provide protection for the recently discovered Log4Shell security gap. How you activate…
Log4J: Crowdstrike identifies a cyberespionage campaign exploiting the Log4Shell flaw
Cyber security firm Crowdstrike has discovered an attempted infiltration of an academic institution by a China-based group, via the Log4J vulnerability. Crowdstrike dubbed the group “Aquatic Panda” and said it…
Log4Shell flaw: the Cesin publishes a help kit for companies
As the Log4Shell flaw continues to worry the global internet ecosystem, the Information and Digital Security Experts Club (Cesin) has released a kit to help businesses and institutions deal with…
Log4Shell: researchers find a flaw in renaming an iPhone (or a Tesla)
Nathan Le Gohlisse Hardware Specialist December 22, 2021 at 2:30 p.m. 7 © TierneyMJ / Shutterstock Made public for a little over a week, the Log4Shell flaw gives rise to…
Log4shell – The biggest Internet security hole is becoming more and more dangerous
PublishedDecember 21, 2021, 4:33 pm For more than a week, a huge vulnerability on the Internet has kept security experts on their toes. Now a cybersecurity researcher claims to have…