Robuta

https://securityaffairs.com/125577/security/log4shell-known-exploited-vulnerabilities-catalog.html CISA adds Log4Shell flaw to the Known Exploited Vulnerabilities Catalog Dec 13, 2021 - US CISA added 13 new flaws to the Known Exploited Vulnerabilities Catalog, including Apache LogShell Log4j and Fortinet FortiOS bugs to thecisaaddslog4shellflaw https://snyk.io/es/videos/log4shell-vulnerability-and-application-security/ What has the Log4shell vulnerability taught us about application security? | Snyk application securitylog4shellvulnerability https://dev.to/longyc/22nd-weekly-post-remaining-ratio-also-log4shell-1hh8 22nd weekly post, remaining ratio. Also, Log4Shell. - DEV Community Items of the week CSS - aspect-ratio can be used to set a preferred width-to-height ratio... Tagged with css, aws, java. weekly post22ndremainingratioalso https://www.trendmicro.com/es_es/research/22/g/log4shell-vulnerability-in-vmware-leads-to-data-exfiltration-and-ransomware.html Log4Shell Vulnerability in VMware Leads to Data Exfiltration and Ransomware | Trend Micro (ES) Jun 28, 2022 - We analyzed cases of a Log4Shell vulnerability being exploited in certain versions of the software VMware Horizon. Many of these attacks resulted in data being... https://www.itpro.com/security/zero-day-exploit/361819/what-is-log4shell-log4j-vulnerability What is the Log4Shell vulnerability? | IT Pro Mar 25, 2026 - The critical flaw affecting products built using Java is set to cause headaches in the enterprise for months to come what islog4shellvulnerabilitypro https://cyberscoop.com/iranian-hackers-log4shell-crypto/ Iranian hackers use Log4Shell to mine crypto on federal computer system | CyberScoop Nov 16, 2022 - Iranian hackers utilized a flaw in the ubiquitous open-source software library Log4j to breach a U.S. federal agency. https://snyk.io/blog/log4shell-remediation-with-snyk-by-the-numbers/ Log4Shell remediation with Snyk by the numbers | Snyk Feb 4, 2022 - Check out this handy infographic to learn more about the Log4Shell timeline, how much time and money our customers have saved by using Snyk, and what some of... by thelog4shellremediationsnyknumbers https://www.techtarget.com/searchsecurity/news/252513895/ISC2-study-finds-long-remediation-times-for-Log4Shell (ISC)2 study finds long remediation times for Log4Shell | TechTarget A survey conducted by (ISC)2 found that while Log4Shell has caused many time-consuming problems for cybersecurity professionals, there is hope in the field. isc 2study findslongremediationtimes https://www.boozallen.com/insights/cyber/tech/log4shell-and-log4j-vulnerability.html Log4Shell and Log4j Vulnerability Log4j vulnerability opens the need for continued and persistent cyber hunt operations. log4shelllog4jvulnerability https://www.trendmicro.com/de_de/what-is/apache-log4j-vulnerability.html Was ist die Apache Log4j/Log4Shell vulnerability? | Trend Micro (DE) Luka Die Log4J- oder Log4Shell vulnerability, eine kritische Schwachstelle in der weit verbreiteten Java-basierten Login-Bibliothek Apache Log4j. apache log4jtrend microistdielog4shell https://thehackernews.com/2022/01/initial-access-broker-involved-in.html?m=1 Initial Access Broker Involved in Log4Shell Attacks Against VMware Horizon Servers Researchers link an initial access broker to recent Log4Shell attacks against unpatched VMware Horizon servers. initial access brokervmware horizoninvolved https://www.dynatrace.com/news/blog/zero-day-vulnerability-management-avert-log4shell/ Zero-day vulnerability management: Averting the next Log4Shell Learn more about the evolving landscape of zero-day vulnerability management in the wake of Log4Shell. zero day vulnerabilitythe nextmanagementlog4shell https://www.trendmicro.com/ru_ru/research/22/g/log4shell-vulnerability-in-vmware-leads-to-data-exfiltration-and-ransomware.html Log4Shell Vulnerability in VMware Leads to Data Exfiltration and Ransomware | Trend Micro (RU) Jun 28, 2022 - We analyzed cases of a Log4Shell vulnerability being exploited in certain versions of the software VMware Horizon. Many of these attacks resulted in data being... https://www.helpnetsecurity.com/2021/12/23/log4shell-avoided/ Log4Shell is a dumpster fire that should have been avoided - Help Net Security Dec 23, 2021 - Log4Shell should have been avoided by following basic IT hygiene guidance, but the internet has not been built by way of hygiene. https://www.computerweekly.com/news/366546993/Log4Shell-ProxyShell-still-among-most-widely-exploited-flaws Log4Shell, ProxyShell still among most widely exploited flaws | Computer Weekly New statistics released by the collective Five Eyes cyber agencies reveals insight into the most exploited vulnerabilities of 2022, and unsurprisingly there... log4shellstillamongwidelyexploited https://www.itpro.com/security/vulnerability/361874/news-in-review-log4shell-google-vaccines-popular-passwords IT Pro News In Review: Log4Shell vulnerability, Google vaccine policy, most common passwords 2021 |... Dec 17, 2021 - Catch up on the biggest headlines of the week in just two minutes https://www.trendmicro.com/en_gb/research/22/g/log4shell-vulnerability-in-vmware-leads-to-data-exfiltration-and-ransomware.html Log4Shell Vulnerability in VMware Leads to Data Exfiltration and Ransomware | Trend Micro (UK) Jun 28, 2022 - We analysed cases of a Log4Shell vulnerability being exploited in certain versions of the software VMware Horizon. Many of these attacks resulted in data being... https://cloudsecurityalliance.org/blog/2022/01/24/log4shell-and-zero-trust/ Log4Shell and Zero Trust | CSA The Log4Shell vulnerability illustrates why the Zero Trust principle of least privilege is needed to ensure that private applications stay hidden on the... zero trustlog4shellcsa https://cyberscoop.com/cisa-jcdc-log4shell-hearing-senate/ CISA's new JCDC worked as intended, witnesses say at Senate hearing on Log4Shell bug | CyberScoop Apr 20, 2022 - Private-sector experts say that public-private threat sharing is key. https://www.splunk.com/en_us/blog/security/log-jammin-log4j-2-rce.html?ref=hackernoon.com Log4Shell - Detecting Log4j 2 RCE Using Splunk | Splunk A serious remote code execution (RCE) vulnerability (CVE-2021-44228) in the popular open source Apache Log4j logging library poses a threat to thousands of... log4j 2log4shelldetectingrceusing https://www.forcepoint.com/resources/podcast/log4shell-holidays-dr-richard-ford-ep-164 Log4Shell for the Holidays - Dr. Richard Ford | Forcepoint Aug 22, 2024 - Dr. Richard Ford shares insights on Log4Shell that's been making the headlines recently. Find out why this is the worst zero-day vulnerability in 10 years. for the holidaysdr richardlog4shellfordforcepoint https://www.hcaptcha.com/post/hcaptcha-is-not-affected-by-log4shell-heres-how-we-know-2 hCaptcha is not affected by log4shell. Here's how we know. | Blog - hCaptcha Find out how hCaptcha is not affected by the log4shell vulnerability. Learn about the steps we've taken to ensure the security of our platform and protect our... here s howis not https://www.sophos.com/zh-cn/blog/log4shell-hell-anatomy-of-an-exploit-outbreak Log4Shell Hell: anatomy of an exploit outbreak | SOPHOS A vulnerability in a widely-used Java logging component is exposing untold numbers of organizations to potential remote code attacks and information exposure. anatomy oflog4shellexploitoutbreaksophos https://www.trendmicro.com/ar_sa/what-is/apache-log4j-vulnerability.html What Is Apache Log4J (Log4Shell) Vulnerability? | Trend Micro (AR) What you need to know about Log4Shell is a critical flaw found in the widely used Java-based logging library, Apache Log4j. what isapache log4jtrend microlog4shellvulnerability https://www.red-gate.com/blog/log4shell-what-does-it-mean-for-flyway/ Log4Shell: What does it mean for Flyway? There has been a lot of attention on Apache Log4J in the past week due to the discovery of the Log4Shell vulnerability. As Flyway allows utilization of Log4J... what does it meanlog4shellflyway https://www.fastly.com/it/blog/digging-deeper-into-log4shell-0day-rce-exploit-found-in-log4j Digging deeper into Log4Shell - 0Day RCE exploit found in Log4j | Fastly CVE-2021-44228 is a Remote Code Execution vulnerability in the Apache Log4j library being actively exploited. We provide our observations into the exploit and... digging deeperrce exploitlog4shell0day https://www.yahooinc.com/paranoids/the-cto-perspective-log4shell The CTO Perspective: Log4Shell | Paranoids | Yahoo Inc. In this episode of the podcast, join Yahoo CTO Aengus McClean and Chief Paranoid Sean Zadig in conversation about Log4Shell. ctoperspectivelog4shellparanoidsyahoo https://www.trendmicro.com/en_us/research/21/l/patch-now-apache-log4j-vulnerability-called-log4shell-being-acti.html?_ga=2.55094891.1309269410.1639465105-130077940.1639465105 Patch Now: Apache Log4j Vulnerability Called Log4Shell Actively Exploited | Trend Micro (US) Dec 13, 2021 - Log4Shell, also known as CVE-2021-44228, was first reported privately to Apache on November 24 and was patched on December 9. It affects Apache Struts, Apache... apache log4j https://www.rapid7.com/blog/post/2021/12/14/log4j-makes-its-appearance-in-hacker-chatter-4-observations/ Log4Shell Makes Its Appearance in Hacker Chatter: 4 Observations | Rapid7 Blog The Rapid7 Threat Intelligence team is tracking the attacker's-eye view on Log4Shell and the related chatter on the clear, deep, and dark web. 4 observationslog4shellmakesappearance https://www.techtarget.com/healthtechsecurity/news/366594757/CISA-Warns-of-Continued-Log4Shell-Exploits-in-VMware-Horizon-Systems CISA Warns of Continued Log4Shell Exploits in VMware Horizon Systems | TechTarget The US Coast Guard Cyber Command (CGCYBER) and CISA released a joint advisory alerting critical infrastructure to continued Log4Shell exploits in VMware... vmware horizoncisawarnscontinuedlog4shell https://www.trendmicro.com/pt_br/research/22/g/log4shell-vulnerability-in-vmware-leads-to-data-exfiltration-and-ransomware.html Log4Shell Vulnerability in VMware Leads to Data Exfiltration and Ransomware | Trend Micro (BR) Jun 28, 2022 - We analyzed cases of a Log4Shell vulnerability being exploited in certain versions of the software VMware Horizon. Many of these attacks resulted in data being... https://www.veracode.com/news/status-of-the-log4shell-vulnerabilities/ Status of the Log4Shell vulnerabilities | Veracode Jun 27, 2024 - Application Security for the AI Era | Veracode of thestatuslog4shellvulnerabilitiesveracode https://www.watchguard.com/br/wgrd-psirt/advisory/wgsa-2021-00003 Log4j2 Remote Code Execution Vulnerability aka Log4Shell (CVE-2021-44228) | WatchGuard Technologies Jan 13, 2025 - On 9 December 2021, researchers disclosed a critical, unauthenticated remote code execution (RCE) vulnerability in log4j2, a popular and widely-used logging... remote code executioncve 2021 44228 https://thehackernews.com/2022/04/chinese-hackers-target-vmware-horizon.html Chinese Hackers Target VMware Horizon Servers with Log4Shell to Deploy Rootkit Chinese APT hacker group "Deep Panda'' exploits the infamous Log4Shell vulnerability in VMware Horizon to infect targeted servers with rootkit. chinese hackersvmware horizontarget https://www.itnews.com.au/news/log4shell-patch-incomplete-new-fix-issued-574055 Log4Shell patch incomplete, new fix issued - iTnews JNDI functionality now disabled by default. log4shellpatchincompletenewfix https://thehackernews.com/2024/02/fritzfrog-returns-with-log4shell-and.html?m=0 FritzFrog Returns with Log4Shell and PwnKit, Spreading Malware Inside Your Network fritzfrogreturnslog4shell https://snyk.io/de/blog/log4j-rce-log4shell-vulnerability-cve-2021-44228/ Log4j vulnerability explained: Prevent Log4Shell RCE by updating to version 2.15.0 | Snyk Dec 10, 2021 - Today (Dec.10, 2021), a new, critical Log4j vulnerability was disclosed: Log4Shell. Learn more about log4j vulnerability fix. https://www.dynatrace.com/news/tag/log4shell/ Log4Shell | Dynatrace news Stay updated on the latest news on Log4Shell . Look here for actionable insights for optimizing your digital ecosystem with Dynatrace. log4shelldynatracenews https://dev.to/omiossec/can-you-mitigate-log4shell-in-azure-attacks-using-only-network-security-group-33k8 Can you mitigate Log4Shell attacks in Azure using only Network Security Group? - DEV Community Spoiler, not totally, log4j update is the only viable and definitive solution. Log4Shell is a... Tagged with azure, security, powershell, log4shell. https://www.sophos.com/en-us/blog/log4shell-response-and-mitigation-recommendations?amp=1%3Famp%3D1 Log4Shell Response and Mitigation Recommendations | SOPHOS Last updated 2021-12-20 UTC 20:06 Update: Added new open source scanning tool, adjusted open sockets query Update: Added information on log4j 2.17.0, adjusted... log4shellresponsemitigationrecommendationssophos https://www.dynatrace.com/news/blog/log4shell-vulnerability-discovery-and-mitigation/ Log4Shell discovery & mitigation require observability Log4Shell made apps and devices worldwide susceptible to attack. Vulnerability monitoring in production must be a priority these days. log4shelldiscoverymitigationrequireobservability https://www.trendmicro.com/en_gb/what-is/apache-log4j-vulnerability.html What Is Apache Log4J (Log4Shell) Vulnerability? | Trend Micro (UK) What you need to know about Log4Shell is a critical flaw found in the widely used Java-based logging library, Apache Log4j. what isapache log4jtrend microlog4shellvulnerability https://www.forcepoint.com/blog/x-labs/news-log4shell-pfizer-data-breach-hive-ransomware-gang Security News Issue 4: Log4shell, Ransomware | Forcepoint Jan 3, 2024 - In this fourth issue of Forcepoint Security News, Log4Shell leaves millions of devices vulnerable, Pfizer data exfiltration case and Hive ransomware gang. security newsissue 4log4shellransomwareforcepoint https://www.cybersecuritydive.com/news/nhs-digital-log4shell-threat-vmware-horizon/616898/ Log4Shell threat activity targeting VMware Horizon, UK researchers warn | Cybersecurity Dive NHS Digital warned unknown threat actors are targeting the servers in order to create web shells and enable future data theft, ransomware or other attacks. vmware horizonlog4shellthreatactivitytargeting https://securelist.com/webinars/insights-the-log4shell-attack/ CCB Q4 2021 event: Insights about the details of the Log4Shell attack | Securelist Costin Raiu, the head of GReAT, and Markus Neis, threat intelligence lead at Swisscom, share their insights about the details of the Log4Shell attack 2021 eventabout the https://www.helpnetsecurity.com/2021/12/13/log4shell-update-cve-2021-44228/ Log4Shell update: Attack surface, attacks in the wild, mitigation and remediation - Help Net... Dec 13, 2021 - Log4Shell update: CVE-2021-44228 affects only versions 2.x of Apache Log4j (i.e., Apache Log4j 2), according to security researchers. in the wild https://www.wiz.io/blog/10-days-later-enterprises-halfway-through-patching-log4shell Log4Shell 10 days later: Enterprises halfway through patching | Wiz Blog 10 dayslog4shelllaterenterpriseshalfway https://thehackernews.com/2022/06/log4shell-still-being-exploited-to-hack.html?m=1 Log4Shell Still Being Exploited to Hack VMWare Servers to Exfiltrate Sensitive Data CISA and the Coast Guard have issued a joint advisory warning of ongoing attempts by hackers to exploit the Log4Shell vulnerability in VMware Horizon log4shellstillexploited https://www.fastly.com/fr/blog/digging-deeper-into-log4shell-0day-rce-exploit-found-in-log4j Digging deeper into Log4Shell - 0Day RCE exploit found in Log4j | Fastly CVE-2021-44228 is a Remote Code Execution vulnerability in the Apache Log4j library being actively exploited. We provide our observations into the exploit and... digging deeperrce exploitlog4shell0day https://www.quest.com/community/spotlight/f/forum/32246/log4shell-patch?ReplyFilter=Answers&ReplySortBy=Answers&ReplySortOrder=Descending log4shell patch - Forum - Spotlight - Quest Community Hi, We have found log4j jar-files with version 2.13 on our Diagnostic Servers. They are running Spotlight 13.3, but it looks like the latest Spotlight version log4shellpatchforumspotlightquest https://www.redhat.com/en/blog/log4shell-practical-mitigations-and-impact-analysis Log4Shell: Practical Mitigations and Impact Analysis of the Log4j Vulnerabilities To mitigate the 0-day exploit in the Java logging utility Apache Log4j 2, Red Hat strongly recommends applying updates as errata becomes available and... impact analysisof thelog4shellpracticalmitigations https://www.computerweekly.com/news/252516112/AWS-fixes-vulnerabilities-in-Log4Shell-hot-patch AWS fixes vulnerabilities in Log4Shell hot patch | Computer Weekly AWS issues fixes for a series of Log4Shell hot patches after they turned out to leave its services vulnerable to further exploitation. hot patchawsfixesvulnerabilitieslog4shell https://www.trendmicro.com/en_gb/apache-log4j-vulnerability.html Log4j (Log4Shell) Vulnerability - What To Know | Trend Micro (UK) Learn about how the Log4j vulnerability started, how it's evolving and what you can do to be secure against the vulnerability what to knowtrend microlog4jlog4shellvulnerability https://www.darktrace.com/blog/detecting-and-responding-to-log4shell-in-the-wild Log4Shell Vulnerability Detection & Response With Darktrace Learn how Darktrace's AI detects and responds to Log4Shell attacks. Explore real-world examples and see how Darktrace identified and mitigated cyber threats. vulnerability detectionlog4shellresponsedarktrace https://www.securitymagazine.com/articles/97238-3-leadership-lessons-from-log4shell 3 leadership lessons from Log4Shell | Security Magazine Four months after the cybersecurity community mobilized to protect organizations from the Log4j vulnerability, security leaders can reflect on the lessons... leadership lessons3log4shellsecuritymagazine https://securityaffairs.com/125800/hacking/log4shell-vulnerability-attack-vector.html A new attack vector exploits the Log4Shell vulnerability on servers locally Dec 20, 2021 - Researchers devised a new attack vector exploiting the Log4Shell vulnerability on servers locally by using a JavaScript WebSocket connection. a newattack vectorexploits https://snyk.io/pt-BR/blog/log4j-rce-log4shell-vulnerability-cve-2021-44228/ Log4j vulnerability explained: Prevent Log4Shell RCE by updating to version 2.15.0 | Snyk Dec 10, 2021 - Today (Dec.10, 2021), a new, critical Log4j vulnerability was disclosed: Log4Shell. Learn more about log4j vulnerability fix. https://thehackernews.com/2022/01/log4shell-like-critical-rce-flaw.html?m=1 Log4Shell-like Critical RCE Flaw Discovered in H2 Database Console Cybersecurity researchers have found a new Log4Shell-like critical RCE vulnerability in the H2 database console. log4shelllikecriticalrceflaw https://www.trendmicro.com/en/research/22/g/log4shell-vulnerability-in-vmware-leads-to-data-exfiltration-and-ransomware.html Log4Shell Vulnerability in VMware Leads to Data Exfiltration and Ransomware | Trend Micro Jun 28, 2022 - We analyzed cases of a Log4Shell vulnerability being exploited in certain versions of the software VMware Horizon. Many of these attacks resulted in data being... https://www.trendmicro.com/en/apache-log4j-vulnerability.html Log4j (Log4Shell) Vulnerability - What To Know | Trend Micro Learn about how the Log4j vulnerability started, how it's evolving and what you can do to be secure against the vulnerability what to knowlog4jlog4shellvulnerabilitytrend https://www.cybersecuritydive.com/news/iran-threat-log4shell-unpatched-vmware/636780/ Iran-linked threat actors exploiting Log4Shell via unpatched VMware, feds warn | Cybersecurity Dive The actors compromised a federal civilian agency, CISA and the FBI said. Authorities warned VMware users to assume breach and hunt for threats if they skipped...