Bleeping Computer

Lazarus hackers drop new RAT malware using 2-year-old Log4j bug

The notorious North Korean hacking group known as Lazarus continues to exploit CVE-2021-44228, aka "Log4Shell," this time to deploy three previously unseen malware families written in DLang. The new ...
Infosecurity-magazine.com

RSAC: Log4J Still Among Top Exploited Vulnerabilities, Cato Finds

Three years after its discovery, the Log4J vulnerability (CVE-2021-44228) exploit remains one of the most attempted exploits observed by cloud security provider Cato Networks. Cato Cyber Threat ...
Hosted on MSN

Apache Log4j - The Exploit That Nearly Brought Down the Internet

A single flaw in Apache Log4j spiraled into one of the most dangerous exploits ever found. Experts warned it could have taken down the entire internet. Judge sides with ACLU in major blow to ICE Ford ...
Times Union

What is Log4j? A cybersecurity expert explains the latest internet vulnerability, how bad it is and what's at stake

Log4Shell, an internet vulnerability that affects millions of computers, involves an obscure but nearly ubiquitous piece of software, Log4j. The software is used to record all manner of activities ...
AOL

Log4j: Why this massive security flaw is impacting nearly all of the internet

A major cybersecurity vulnerability is impacting nearly all of the internet, sending everything from financial institutions to government entities scrambling to patch their systems, before ...
CSOonline

Detect Log4j Attacks Hiding in Encrypted Traffic

ExtraHop threat researchers have observed attackers in the wild using encrypted traffic to avoid detection of Log4Shell attacks. This is consistent with the general trend of cyberattackers using ...
Bleeping Computer

Over 30% of Log4J apps use a vulnerable version of the library

Roughly 38% of applications using the Apache Log4j library are using a version vulnerable to security issues, including Log4Shell, a critical vulnerability identified as CVE-2021-44228 that carries ...