Log4j BlindSpots
Apache Java logging library log4j‘s popularity and its ability to hide in code,landmines hiding in infrastructure due to log4j’s Log4Shell security vulnerabilities. The good news is there are scanning tools that…
Log4j Update ! Even 2.17 is Exploitable
Another security vulnerability impacting the Log4j logging library was published as CVE-2021-44832. This new security vulnerability is affecting versions up to 2.17.0, which was previously thought to be fixed. This vulnerability is…
LOG4j New Attack Vector Exploited
Researchers devised a new attack vector that relies on a JavaScript WebSocket connection to exploit the Log4Shell vulnerability on internal and locally exposed unpatched Log4j applications. This new attack vector…
TellYouThePass Ransomware Exploits Log4j
An old and relatively inactive ransomware family known as TellYouThePass, now active and deploying it in attacks against Windows and Linux devices targeting a critical remote code execution bug in…
Log4j it’s Worsens One More Time !
The issues with Log4j continued to stack up as the Apache Software Foundation (ASF) rolled out yet another patch version 2.17.0 for the widely used logging library that could be…
Log4J Exploit Mitigation Incomplete !
A second vulnerability involving Apache Log4j was found after experts spent days attempting to patch or mitigate CVE-2021-44228. The description of the new vulnerability, CVE 2021-45046, says the fix to…
Khonsari Ransomware Next to Exploit Log4J
Romanian cybersecurity technology company Bitdefender revealed that attempts are being made to target Windows machines with a new ransomware family called Khonsari, as well as a remote access trojan called…
Biggies Responds to Log4j Nightmare
All Big tech players are responding to the disclosure of a critical vulnerability affecting the widely used Log4j logging utility, as exploitation attempts are on the rise. Apache Log4j is…