On December 9, 2021, a critical zero-day vulnerability affecting Apache’s Log4j2 library, a Java-based logging utility, was disclosed to the world and broke the internet. As the third most used ...

Takeaway: CISA and CGYBER recommend all organizations who did not immediately apply available patches to assume Log4Shell compromise and initiate threat hunting activities. In December 2021, the world ...

North Korean hackers are still exploiting Log4Shell around the world. And lately, they're using that access to attack organizations with one of three new remote access Trojans (RATs) written in the ...

Software dependencies and third-party products make detecting Log4j exploits tough, but this advice and some specialized tools can help. The string of vulnerabilities found over the past few weeks in ...

Researchers from CrowdStrike disrupted an attempt by the threat group to steal industrial intelligence and military secrets from an academic institution. Cyber criminals, under the moniker Aquatic ...

Log4Shell, the critical bug in Apache's widely used Log4j project, hasn't triggered the disaster that was feared, but it's still being exploited and predominantly from cloud computers in the US. The ...

Imagine the scene: a severe vulnerability emerges that affects organisations worldwide, allowing unauthorised access to highly sensitive data. This scenario happened in late 2021 when a popular open ...

Analysts find at least 10 Linux botnets actively exploiting Log4Shell flaw. Cybersecurity professionals across the world have been scrambling to shore up their systems against a critical remote ...