Threat Post

Microsoft Sees Rampant Log4j Exploit Attempts, Testing

Microsoft says it’s only going to get worse: It’s seen state-sponsored and cyber-criminal attackers probing systems for the Log4Shell flaw through the end of December. No surprise here: The holidays ...
PC Magazine

What Is the Log4j Exploit, and What Can You Do to Stay Safe?

Hackers could take control of millions of servers, shutting them down or forcing them to spew malware due to widely-used faulty code. Here's how it happened, and what can you do to protect yourself.
HotHardware

Hosting Your Own Minecraft Server? Patch Now And Protect From Log4j Ransomware Attacks

Are you tired of hearing about Log4shell yet? Well settle in, because a top-3-worst-security-exploit-ever doesn't vanish overnight. Microsoft updated its article about the flaw (which we mentioned on ...
ZDNet

Log4j flaw: Attackers are making thousands of attempts to exploit this severe vulnerability

Cyber attackers are making over a hundred attempts to exploit a critical security vulnerability in Java logging library Apache Log4j every minute, security researchers have warned. The Log4j flaw ...
BGR

Nation-State Hackers Are Already Exploiting The Scary Log4j Vulnerability

Security researchers recently stunned the world with the Log4Shell hack, revealing that the entire internet is scrambling to patch a vulnerability in a widely used Java utility that many companies ...
Yahoo

What is Log4j? A cybersecurity expert explains the latest internet vulnerability, how bad it is and what's at stake

Log4Shell, an internet vulnerability that affects millions of computers, involves an obscure but nearly ubiquitous piece of software, Log4j. The software is used to record all manner of activities ...
InfoWorld

What app developers need to do now to fight Log4j exploits

Why you may already be at risk, how to detect and mitigate the Log4j vulnerabilities now, and how to improve your code security in the future. Earlier this month, security researchers uncovered a ...
HotHardware

Homeland Security Expands Its Hack DHS Bug Bounty As Log4j Threat Intensifies

If you're reading this, you probably don't need to be told that a "bug bounty" is a cash prize paid to security researchers that find a software exploit. Non-USians might need to be told that "DHS" ...
Threat Post

Log4Shell Is Spawning Even Nastier Mutations

What some call the worst cybersecurity catastrophe of the year – the Apache Log4j logging library exploit – has spun off 60 bigger mutations in less than a day, researchers said. The internet has a ...
The Verge

Log4j is patched, but the exploits are just getting started

Peter Membrey, chief architect of ExpressVPN, remembers vividly seeing the news of the Log4j vulnerability break online. “As soon as I saw how you could exploit it, it was horrifying,” says Membrey.
Forbes

Will The Log4j Exploit Move Leaders To Heed Cybersecurity Warnings?

WASHINGTON, DC - AUGUST 25: U.S. President Joe Biden speaks during a meeting about cybersecurity in the East Room of the White House on August 25, 2021 in Washington, DC. Members of the Biden cabinet, ...