The vulnerability, officially tagged as CVE-2021-44228 and called Log4Shell or LogJam, is an unauthenticated RCE vulnerability that allows total system takeover on systems running Log4j 2.0-beta9 through 2.14.1. What Happened? Nation-state hackers…
Tag: Khonsari
Log4j flaw: This new threat is going to affect cybersecurity for a long time
If there ever was any doubt over the severity of the Log4j vulnerability, director of US cybersecurity and infrastructure agency CISA, Jen Easterly, immediately quashed those doubts when she described…
Relentless Log4j Attacks Include State Actors, Possible Worm
More than 1.8 million attacks, against half of all corporate networks, have already launched to exploit Log4Shell. Call it a “logjam” of threats: Attackers including nation-state actors have already targeted…
Nation-state hackers aim to exploit Log4j software flaw, Microsoft warns
Written by AJ Vicens and Tim Starks Dec 15, 2021 | CYBERSCOOP Hackers associated with the governments of China, Iran, North Korea and Turkey have been trying to find ways…
Apache’s Fix for Log4Shell Can Lead to DoS Attacks
Not only is the jaw-dropping flaw in the Apache Log4j logging library ubiquitous; Apache’s blanket of a quickly baked patch for Log4Shell also has holes. As if finding one easily-exploited…
Log4j flaw: Now state-backed hackers are using bug as part of attacks, warns Microsoft
State-sponsored hackers from China, Iran, North Korea and Turkey have started testing, exploiting and using the Log4j bug to deploy malware, including ransomware, according to Microsoft. As predicted by…
CISA probes scope, potential fallout of Log4j vulnerability
Written by Tim Starks Dec 14, 2021 | CYBERSCOOP A top government cyber official said Tuesday that the Cybersecurity and Infrastructure Security Agency hasn’t seen hackers compromise federal agencies by…