It’s been four months since Log4Shell, a critical zero-day vulnerability in the ubiquitous Apache Log4j library, was discovered, and threat analysts warn that the application of the available fixes is ...

The Log4shell vulnerability was a weakness in the JNDI lookup functionality of Log4j2, between version 2.0 and 2.14. This allowed an attacker, who had control over what was printed in the logs (for ...

Security teams around the globe are scrambling to fix Log4Shell, a critical security flaw in Log4j, an open source logging software that’s found practically everywhere from online games to enterprise ...

Log4Shell is the vulnerability that keeps giving. Yet another ransomware group is at work exploiting a bug present in a ubiquitous open-source data-logging framework. See Also: Know Thy Enemy: Threats ...

Log4Shell is one of the most critical and widespread vulnerabilities found in the past decade (CVE-2021-44228) impacting Log4J, a highly popular Java library used in millions of applications as part ...

Conti has become the first professional-grade, sophisticated ransomware group to weaponize Log4j2, now with a full attack chain. The Conti ransomware gang, which last week became the first ...

CISA released its own Log4J scanner this week alongside a host of other scanners published by cybersecurity companies and researchers. The open-sourced Log4j scanner is derived from scanners created ...

Imagine the scene: a severe vulnerability emerges that affects organisations worldwide, allowing unauthorised access to highly sensitive data. This scenario happened in late 2021 when a popular open ...

The so-called Log4Shell vulnerability in the Apache Log4j2 Java-based logging library has been described variously as “probably the most critical vulnerability we have seen this year” by Qualys’s ...

The ongoing exploit activities of the Log4Shell vulnerability (CVE-2021-44228) in the popular Apache Log4j open source logging tool remain on a high level one year after it was first disclosed on ...