Threat Post

Log4j Exploit: Lessons Learned and Risk Reduction Best Practices

On-demand Event: Watch NOW to learn why the Log4j vulnerability is so severe and easy steps you can take to mitigate your risk. On-demand Event: Watch NOW to learn why the Log4j vulnerability remains ...
Dark Reading

'Proxyjacking' Cybercriminals Exploit Log4j in Emerging, Lucrative Cloud Attacks

Threat actors have found a lucrative new attack vector that hijacks legitimate proxyware services, which allow people to sell portions of their Internet bandwidth to third parties. In large-scale ...
ITWire

Logjam: Log4j exploit attempts continue in globally distributed scans, attacks

**COMPANY NEWS:** Since the first vulnerability in the Apache Foundation’s Log4j logging tool was revealed on 10 December, three sets of fixes to the Java library have been released as additional ...
BizTech

In the Wake of Log4j Exploits, How Can Businesses Protect Themselves?

Ernie Smith is a former contributor to BizTech, an old-school blogger who specializes in side projects, and a tech history nut who researches vintage operating systems for fun. Late last year, a major ...
Dark Reading

One Year After Log4Shell, Most Firms Are Still Exposed to Attack

The Log4j vulnerability continues to present a major threat to enterprise organizations one year after the Apache Software Foundation disclosed it last November — even though the number of publicly ...
VentureBeat

Many orgs are still failing to address Log4j — here’s why

Want smarter insights in your inbox? Sign up for our weekly newsletters to get only what matters to enterprise AI, data, and security leaders. Subscribe Now Out of all the vulnerabilities discovered ...
VentureBeat

Why VMware Horizon became a ‘top choice’ for Log4j attacks

Join our daily and weekly newsletters for the latest updates and exclusive content on industry-leading AI coverage. Learn More VMware Horizon has turned into one of the most popular targets for ...
ZDNet

Log4j flaw: Thousands of applications are still vulnerable, warn security researchers

Months on from a critical zero-day vulnerability being disclosed in the widely-used Java logging library Apache Log4j, a significant number of applications and servers are still vulnerable to ...
ZDNet

Within hours of the Log4j flaw being revealed, these hackers were using it

A prolific and likely state-backed hacking group repeatedly targeted several US state governments by using software vulnerabilities in web applications and then later scanning for Log4j ...
techtimes

State-Sponsored Iranian Hackers Deploy Log4j Security Flaw to Infect Unpatched VMware Users With Ransomware

The Log4j vulnerability once again appeared in compromised systems after the state-sponsored hackers from Iran reportedly attacked the VMware users. According to cybersecurity analysts, the notorious ...
Bleeping Computer

Iranian hackers target VMware Horizon servers with Log4j exploits

An Iranian-aligned hacking group tracked as TunnelVision was spotted exploiting Log4j on VMware Horizon servers to breach corporate networks in the Middle East and the United States. Security analysts ...
SiliconANGLE

Major security bugs are a long-term threat: Here’s why and what’s next

The technology world is entering a new phase where code complexity and widespread use of global software tools have opened the door for a damaging security flaw that can last for years. The urgency to ...