A New PowerShell Backdoor Is Being Used in Log4j Attacks

At the end of 2021 proof-of-concept exploits for a significant zero-day vulnerability discovered in the widely used Apache Log4j Java-based logging library were distributed online, exposing both home users and businesses…

FinTech Company Impacted by Log4j Says No to Paying the Ransom

A cyberattack has recently impacted ONUS, one of the biggest Vietnamese crypto trading platforms. Hackers targeted the company’s payment system where a vulnerable version of Log4j was running. After the…

The Fifth Log4j Vulnerability Has Been Fixed by Apache

Another Log4j version has been released by Apache dubbed 2.17.1, as prior to yesterday the most recent Log4j version was 2.17.0. This new variant addresses the RCE found in 2.17.0…

Dridex Malware Installed With the Help of Log4j Vulnerability

The Dridex malware is a banking trojan that was originally designed to steal victims’ online banking credentials but has since evolved into a loader that downloads various modules that can…

The TellYouThePass Ransomware Reappeared After the Windows Log4j Attacks

Tellyouthepass ransomware, commonly known as the.locked Files Virus, encrypts data and demands payment as a ransom to restore it. The.locked Files Virus will encrypt a text file with ransomware instructions…

A List of Vulnerable Products to the Log4j Vulnerability

Two days ago, we wrote a post about the Log4j vulnerability that is currently wreaking havoc on the cyberthreat landscape. The flaw stands for an open-source Java logging library. By…

New Ransomware Family Deployed in Log4Shell Attacks

Recently a public exploit for the major zero-day vulnerability known as ‘Log4Shell’ in the Apache Log4j Java-based logging platform has been made available. Log4j is a development platform that enables…