https://securityaffairs.com/125577/security/log4shell-known-exploited-vulnerabilities-catalog.html
CISA adds Log4Shell flaw to the Known Exploited Vulnerabilities Catalog
Dec 13, 2021 - US CISA added 13 new flaws to the Known Exploited Vulnerabilities Catalog, including Apache LogShell Log4j and Fortinet FortiOS bugs
to thecisaaddslog4shellflaw
https://snyk.io/es/videos/log4shell-vulnerability-and-application-security/
What has the Log4shell vulnerability taught us about application security? | Snyk
application securitylog4shellvulnerability
https://dev.to/longyc/22nd-weekly-post-remaining-ratio-also-log4shell-1hh8
22nd weekly post, remaining ratio. Also, Log4Shell. - DEV Community
Items of the week CSS - aspect-ratio can be used to set a preferred width-to-height ratio... Tagged with css, aws, java.
weekly post22ndremainingratioalso
https://www.trendmicro.com/es_es/research/22/g/log4shell-vulnerability-in-vmware-leads-to-data-exfiltration-and-ransomware.html
Log4Shell Vulnerability in VMware Leads to Data Exfiltration and Ransomware | Trend Micro (ES)
Jun 28, 2022 - We analyzed cases of a Log4Shell vulnerability being exploited in certain versions of the software VMware Horizon. Many of these attacks resulted in data being...
https://www.itpro.com/security/zero-day-exploit/361819/what-is-log4shell-log4j-vulnerability
What is the Log4Shell vulnerability? | IT Pro
Mar 25, 2026 - The critical flaw affecting products built using Java is set to cause headaches in the enterprise for months to come
what islog4shellvulnerabilitypro
https://cyberscoop.com/iranian-hackers-log4shell-crypto/
Iranian hackers use Log4Shell to mine crypto on federal computer system | CyberScoop
Nov 16, 2022 - Iranian hackers utilized a flaw in the ubiquitous open-source software library Log4j to breach a U.S. federal agency.
https://snyk.io/blog/log4shell-remediation-with-snyk-by-the-numbers/
Log4Shell remediation with Snyk by the numbers | Snyk
Feb 4, 2022 - Check out this handy infographic to learn more about the Log4Shell timeline, how much time and money our customers have saved by using Snyk, and what some of...
by thelog4shellremediationsnyknumbers
https://www.techtarget.com/searchsecurity/news/252513895/ISC2-study-finds-long-remediation-times-for-Log4Shell
(ISC)2 study finds long remediation times for Log4Shell | TechTarget
A survey conducted by (ISC)2 found that while Log4Shell has caused many time-consuming problems for cybersecurity professionals, there is hope in the field.
isc 2study findslongremediationtimes
https://www.boozallen.com/insights/cyber/tech/log4shell-and-log4j-vulnerability.html
Log4Shell and Log4j Vulnerability
Log4j vulnerability opens the need for continued and persistent cyber hunt operations.
log4shelllog4jvulnerability
https://www.trendmicro.com/de_de/what-is/apache-log4j-vulnerability.html
Was ist die Apache Log4j/Log4Shell vulnerability? | Trend Micro (DE)
Luka Die Log4J- oder Log4Shell vulnerability, eine kritische Schwachstelle in der weit verbreiteten Java-basierten Login-Bibliothek Apache Log4j.
apache log4jtrend microistdielog4shell
https://thehackernews.com/2022/01/initial-access-broker-involved-in.html?m=1
Initial Access Broker Involved in Log4Shell Attacks Against VMware Horizon Servers
Researchers link an initial access broker to recent Log4Shell attacks against unpatched VMware Horizon servers.
initial access brokervmware horizoninvolved
https://www.dynatrace.com/news/blog/zero-day-vulnerability-management-avert-log4shell/
Zero-day vulnerability management: Averting the next Log4Shell
Learn more about the evolving landscape of zero-day vulnerability management in the wake of Log4Shell.
zero day vulnerabilitythe nextmanagementlog4shell
https://www.trendmicro.com/ru_ru/research/22/g/log4shell-vulnerability-in-vmware-leads-to-data-exfiltration-and-ransomware.html
Log4Shell Vulnerability in VMware Leads to Data Exfiltration and Ransomware | Trend Micro (RU)
Jun 28, 2022 - We analyzed cases of a Log4Shell vulnerability being exploited in certain versions of the software VMware Horizon. Many of these attacks resulted in data being...
https://www.helpnetsecurity.com/2021/12/23/log4shell-avoided/
Log4Shell is a dumpster fire that should have been avoided - Help Net Security
Dec 23, 2021 - Log4Shell should have been avoided by following basic IT hygiene guidance, but the internet has not been built by way of hygiene.
https://www.computerweekly.com/news/366546993/Log4Shell-ProxyShell-still-among-most-widely-exploited-flaws
Log4Shell, ProxyShell still among most widely exploited flaws | Computer Weekly
New statistics released by the collective Five Eyes cyber agencies reveals insight into the most exploited vulnerabilities of 2022, and unsurprisingly there...
log4shellstillamongwidelyexploited
https://www.itpro.com/security/vulnerability/361874/news-in-review-log4shell-google-vaccines-popular-passwords
IT Pro News In Review: Log4Shell vulnerability, Google vaccine policy, most common passwords 2021 |...
Dec 17, 2021 - Catch up on the biggest headlines of the week in just two minutes
https://www.trendmicro.com/en_gb/research/22/g/log4shell-vulnerability-in-vmware-leads-to-data-exfiltration-and-ransomware.html
Log4Shell Vulnerability in VMware Leads to Data Exfiltration and Ransomware | Trend Micro (UK)
Jun 28, 2022 - We analysed cases of a Log4Shell vulnerability being exploited in certain versions of the software VMware Horizon. Many of these attacks resulted in data being...
https://cloudsecurityalliance.org/blog/2022/01/24/log4shell-and-zero-trust/
Log4Shell and Zero Trust | CSA
The Log4Shell vulnerability illustrates why the Zero Trust principle of least privilege is needed to ensure that private applications stay hidden on the...
zero trustlog4shellcsa
https://cyberscoop.com/cisa-jcdc-log4shell-hearing-senate/
CISA's new JCDC worked as intended, witnesses say at Senate hearing on Log4Shell bug | CyberScoop
Apr 20, 2022 - Private-sector experts say that public-private threat sharing is key.
https://www.splunk.com/en_us/blog/security/log-jammin-log4j-2-rce.html?ref=hackernoon.com
Log4Shell - Detecting Log4j 2 RCE Using Splunk | Splunk
A serious remote code execution (RCE) vulnerability (CVE-2021-44228) in the popular open source Apache Log4j logging library poses a threat to thousands of...
log4j 2log4shelldetectingrceusing
https://www.forcepoint.com/resources/podcast/log4shell-holidays-dr-richard-ford-ep-164
Log4Shell for the Holidays - Dr. Richard Ford | Forcepoint
Aug 22, 2024 - Dr. Richard Ford shares insights on Log4Shell that's been making the headlines recently. Find out why this is the worst zero-day vulnerability in 10 years.
for the holidaysdr richardlog4shellfordforcepoint
https://www.hcaptcha.com/post/hcaptcha-is-not-affected-by-log4shell-heres-how-we-know-2
hCaptcha is not affected by log4shell. Here's how we know. | Blog - hCaptcha
Find out how hCaptcha is not affected by the log4shell vulnerability. Learn about the steps we've taken to ensure the security of our platform and protect our...
here s howis not
https://www.sophos.com/zh-cn/blog/log4shell-hell-anatomy-of-an-exploit-outbreak
Log4Shell Hell: anatomy of an exploit outbreak | SOPHOS
A vulnerability in a widely-used Java logging component is exposing untold numbers of organizations to potential remote code attacks and information exposure.
anatomy oflog4shellexploitoutbreaksophos
https://www.trendmicro.com/ar_sa/what-is/apache-log4j-vulnerability.html
What Is Apache Log4J (Log4Shell) Vulnerability? | Trend Micro (AR)
What you need to know about Log4Shell is a critical flaw found in the widely used Java-based logging library, Apache Log4j.
what isapache log4jtrend microlog4shellvulnerability
https://www.red-gate.com/blog/log4shell-what-does-it-mean-for-flyway/
Log4Shell: What does it mean for Flyway?
There has been a lot of attention on Apache Log4J in the past week due to the discovery of the Log4Shell vulnerability. As Flyway allows utilization of Log4J...
what does it meanlog4shellflyway
https://www.fastly.com/it/blog/digging-deeper-into-log4shell-0day-rce-exploit-found-in-log4j
Digging deeper into Log4Shell - 0Day RCE exploit found in Log4j | Fastly
CVE-2021-44228 is a Remote Code Execution vulnerability in the Apache Log4j library being actively exploited. We provide our observations into the exploit and...
digging deeperrce exploitlog4shell0day
https://www.yahooinc.com/paranoids/the-cto-perspective-log4shell
The CTO Perspective: Log4Shell | Paranoids | Yahoo Inc.
In this episode of the podcast, join Yahoo CTO Aengus McClean and Chief Paranoid Sean Zadig in conversation about Log4Shell.
ctoperspectivelog4shellparanoidsyahoo
https://www.trendmicro.com/en_us/research/21/l/patch-now-apache-log4j-vulnerability-called-log4shell-being-acti.html?_ga=2.55094891.1309269410.1639465105-130077940.1639465105
Patch Now: Apache Log4j Vulnerability Called Log4Shell Actively Exploited | Trend Micro (US)
Dec 13, 2021 - Log4Shell, also known as CVE-2021-44228, was first reported privately to Apache on November 24 and was patched on December 9. It affects Apache Struts, Apache...
apache log4j
https://www.rapid7.com/blog/post/2021/12/14/log4j-makes-its-appearance-in-hacker-chatter-4-observations/
Log4Shell Makes Its Appearance in Hacker Chatter: 4 Observations | Rapid7 Blog
The Rapid7 Threat Intelligence team is tracking the attacker's-eye view on Log4Shell and the related chatter on the clear, deep, and dark web.
4 observationslog4shellmakesappearance
https://www.techtarget.com/healthtechsecurity/news/366594757/CISA-Warns-of-Continued-Log4Shell-Exploits-in-VMware-Horizon-Systems
CISA Warns of Continued Log4Shell Exploits in VMware Horizon Systems | TechTarget
The US Coast Guard Cyber Command (CGCYBER) and CISA released a joint advisory alerting critical infrastructure to continued Log4Shell exploits in VMware...
vmware horizoncisawarnscontinuedlog4shell
https://www.trendmicro.com/pt_br/research/22/g/log4shell-vulnerability-in-vmware-leads-to-data-exfiltration-and-ransomware.html
Log4Shell Vulnerability in VMware Leads to Data Exfiltration and Ransomware | Trend Micro (BR)
Jun 28, 2022 - We analyzed cases of a Log4Shell vulnerability being exploited in certain versions of the software VMware Horizon. Many of these attacks resulted in data being...
https://www.veracode.com/news/status-of-the-log4shell-vulnerabilities/
Status of the Log4Shell vulnerabilities | Veracode
Jun 27, 2024 - Application Security for the AI Era | Veracode
of thestatuslog4shellvulnerabilitiesveracode
https://www.watchguard.com/br/wgrd-psirt/advisory/wgsa-2021-00003
Log4j2 Remote Code Execution Vulnerability aka Log4Shell (CVE-2021-44228) | WatchGuard Technologies
Jan 13, 2025 - On 9 December 2021, researchers disclosed a critical, unauthenticated remote code execution (RCE) vulnerability in log4j2, a popular and widely-used logging...
remote code executioncve 2021 44228
https://thehackernews.com/2022/04/chinese-hackers-target-vmware-horizon.html
Chinese Hackers Target VMware Horizon Servers with Log4Shell to Deploy Rootkit
Chinese APT hacker group "Deep Panda'' exploits the infamous Log4Shell vulnerability in VMware Horizon to infect targeted servers with rootkit.
chinese hackersvmware horizontarget
https://www.itnews.com.au/news/log4shell-patch-incomplete-new-fix-issued-574055
Log4Shell patch incomplete, new fix issued - iTnews
JNDI functionality now disabled by default.
log4shellpatchincompletenewfix
https://thehackernews.com/2024/02/fritzfrog-returns-with-log4shell-and.html?m=0
FritzFrog Returns with Log4Shell and PwnKit, Spreading Malware Inside Your Network
fritzfrogreturnslog4shell
https://snyk.io/de/blog/log4j-rce-log4shell-vulnerability-cve-2021-44228/
Log4j vulnerability explained: Prevent Log4Shell RCE by updating to version 2.15.0 | Snyk
Dec 10, 2021 - Today (Dec.10, 2021), a new, critical Log4j vulnerability was disclosed: Log4Shell. Learn more about log4j vulnerability fix.
https://www.dynatrace.com/news/tag/log4shell/
Log4Shell | Dynatrace news
Stay updated on the latest news on Log4Shell . Look here for actionable insights for optimizing your digital ecosystem with Dynatrace.
log4shelldynatracenews
https://dev.to/omiossec/can-you-mitigate-log4shell-in-azure-attacks-using-only-network-security-group-33k8
Can you mitigate Log4Shell attacks in Azure using only Network Security Group? - DEV Community
Spoiler, not totally, log4j update is the only viable and definitive solution. Log4Shell is a... Tagged with azure, security, powershell, log4shell.
https://www.sophos.com/en-us/blog/log4shell-response-and-mitigation-recommendations?amp=1%3Famp%3D1
Log4Shell Response and Mitigation Recommendations | SOPHOS
Last updated 2021-12-20 UTC 20:06 Update: Added new open source scanning tool, adjusted open sockets query Update: Added information on log4j 2.17.0, adjusted...
log4shellresponsemitigationrecommendationssophos
https://www.dynatrace.com/news/blog/log4shell-vulnerability-discovery-and-mitigation/
Log4Shell discovery & mitigation require observability
Log4Shell made apps and devices worldwide susceptible to attack. Vulnerability monitoring in production must be a priority these days.
log4shelldiscoverymitigationrequireobservability
https://www.trendmicro.com/en_gb/what-is/apache-log4j-vulnerability.html
What Is Apache Log4J (Log4Shell) Vulnerability? | Trend Micro (UK)
What you need to know about Log4Shell is a critical flaw found in the widely used Java-based logging library, Apache Log4j.
what isapache log4jtrend microlog4shellvulnerability
https://www.forcepoint.com/blog/x-labs/news-log4shell-pfizer-data-breach-hive-ransomware-gang
Security News Issue 4: Log4shell, Ransomware | Forcepoint
Jan 3, 2024 - In this fourth issue of Forcepoint Security News, Log4Shell leaves millions of devices vulnerable, Pfizer data exfiltration case and Hive ransomware gang.
security newsissue 4log4shellransomwareforcepoint
https://www.cybersecuritydive.com/news/nhs-digital-log4shell-threat-vmware-horizon/616898/
Log4Shell threat activity targeting VMware Horizon, UK researchers warn | Cybersecurity Dive
NHS Digital warned unknown threat actors are targeting the servers in order to create web shells and enable future data theft, ransomware or other attacks.
vmware horizonlog4shellthreatactivitytargeting
https://securelist.com/webinars/insights-the-log4shell-attack/
CCB Q4 2021 event: Insights about the details of the Log4Shell attack | Securelist
Costin Raiu, the head of GReAT, and Markus Neis, threat intelligence lead at Swisscom, share their insights about the details of the Log4Shell attack
2021 eventabout the
https://www.helpnetsecurity.com/2021/12/13/log4shell-update-cve-2021-44228/
Log4Shell update: Attack surface, attacks in the wild, mitigation and remediation - Help Net...
Dec 13, 2021 - Log4Shell update: CVE-2021-44228 affects only versions 2.x of Apache Log4j (i.e., Apache Log4j 2), according to security researchers.
in the wild
https://www.wiz.io/blog/10-days-later-enterprises-halfway-through-patching-log4shell
Log4Shell 10 days later: Enterprises halfway through patching | Wiz Blog
10 dayslog4shelllaterenterpriseshalfway
https://thehackernews.com/2022/06/log4shell-still-being-exploited-to-hack.html?m=1
Log4Shell Still Being Exploited to Hack VMWare Servers to Exfiltrate Sensitive Data
CISA and the Coast Guard have issued a joint advisory warning of ongoing attempts by hackers to exploit the Log4Shell vulnerability in VMware Horizon
log4shellstillexploited
https://www.fastly.com/fr/blog/digging-deeper-into-log4shell-0day-rce-exploit-found-in-log4j
Digging deeper into Log4Shell - 0Day RCE exploit found in Log4j | Fastly
CVE-2021-44228 is a Remote Code Execution vulnerability in the Apache Log4j library being actively exploited. We provide our observations into the exploit and...
digging deeperrce exploitlog4shell0day
https://www.quest.com/community/spotlight/f/forum/32246/log4shell-patch?ReplyFilter=Answers&ReplySortBy=Answers&ReplySortOrder=Descending
log4shell patch - Forum - Spotlight - Quest Community
Hi, We have found log4j jar-files with version 2.13 on our Diagnostic Servers. They are running Spotlight 13.3, but it looks like the latest Spotlight version
log4shellpatchforumspotlightquest
https://www.redhat.com/en/blog/log4shell-practical-mitigations-and-impact-analysis
Log4Shell: Practical Mitigations and Impact Analysis of the Log4j Vulnerabilities
To mitigate the 0-day exploit in the Java logging utility Apache Log4j 2, Red Hat strongly recommends applying updates as errata becomes available and...
impact analysisof thelog4shellpracticalmitigations
https://www.computerweekly.com/news/252516112/AWS-fixes-vulnerabilities-in-Log4Shell-hot-patch
AWS fixes vulnerabilities in Log4Shell hot patch | Computer Weekly
AWS issues fixes for a series of Log4Shell hot patches after they turned out to leave its services vulnerable to further exploitation.
hot patchawsfixesvulnerabilitieslog4shell
https://www.trendmicro.com/en_gb/apache-log4j-vulnerability.html
Log4j (Log4Shell) Vulnerability - What To Know | Trend Micro (UK)
Learn about how the Log4j vulnerability started, how it's evolving and what you can do to be secure against the vulnerability
what to knowtrend microlog4jlog4shellvulnerability
https://www.darktrace.com/blog/detecting-and-responding-to-log4shell-in-the-wild
Log4Shell Vulnerability Detection & Response With Darktrace
Learn how Darktrace's AI detects and responds to Log4Shell attacks. Explore real-world examples and see how Darktrace identified and mitigated cyber threats.
vulnerability detectionlog4shellresponsedarktrace
https://www.securitymagazine.com/articles/97238-3-leadership-lessons-from-log4shell
3 leadership lessons from Log4Shell | Security Magazine
Four months after the cybersecurity community mobilized to protect organizations from the Log4j vulnerability, security leaders can reflect on the lessons...
leadership lessons3log4shellsecuritymagazine
https://securityaffairs.com/125800/hacking/log4shell-vulnerability-attack-vector.html
A new attack vector exploits the Log4Shell vulnerability on servers locally
Dec 20, 2021 - Researchers devised a new attack vector exploiting the Log4Shell vulnerability on servers locally by using a JavaScript WebSocket connection.
a newattack vectorexploits
https://snyk.io/pt-BR/blog/log4j-rce-log4shell-vulnerability-cve-2021-44228/
Log4j vulnerability explained: Prevent Log4Shell RCE by updating to version 2.15.0 | Snyk
Dec 10, 2021 - Today (Dec.10, 2021), a new, critical Log4j vulnerability was disclosed: Log4Shell. Learn more about log4j vulnerability fix.
https://thehackernews.com/2022/01/log4shell-like-critical-rce-flaw.html?m=1
Log4Shell-like Critical RCE Flaw Discovered in H2 Database Console
Cybersecurity researchers have found a new Log4Shell-like critical RCE vulnerability in the H2 database console.
log4shelllikecriticalrceflaw
https://www.trendmicro.com/en/research/22/g/log4shell-vulnerability-in-vmware-leads-to-data-exfiltration-and-ransomware.html
Log4Shell Vulnerability in VMware Leads to Data Exfiltration and Ransomware | Trend Micro
Jun 28, 2022 - We analyzed cases of a Log4Shell vulnerability being exploited in certain versions of the software VMware Horizon. Many of these attacks resulted in data being...
https://www.trendmicro.com/en/apache-log4j-vulnerability.html
Log4j (Log4Shell) Vulnerability - What To Know | Trend Micro
Learn about how the Log4j vulnerability started, how it's evolving and what you can do to be secure against the vulnerability
what to knowlog4jlog4shellvulnerabilitytrend
https://www.cybersecuritydive.com/news/iran-threat-log4shell-unpatched-vmware/636780/
Iran-linked threat actors exploiting Log4Shell via unpatched VMware, feds warn | Cybersecurity Dive
The actors compromised a federal civilian agency, CISA and the FBI said. Authorities warned VMware users to assume breach and hunt for threats if they skipped...