MobileIron customers urged to patch systems due to potential Log4j exploitation

Cybersecurity company NCC Group is warning users of MobileIron products to patch their systems since finding exploitations through the Log4j vulnerability.  more coverage NCC Group researchers have so far seen…

Relentless Log4j Attacks Include State Actors, Possible Worm

More than 1.8 million attacks, against half of all corporate networks, have already launched to exploit Log4Shell. Call it a “logjam” of threats: Attackers including nation-state actors have already targeted…

Cybersecurity experts debate concern over potential Log4j worm

As the fallout from the Log4j vulnerability continues, cybersecurity experts are debating what the future might hold.  Tom Kellermann, VMware’s head of cybersecurity strategy, said the Log4j vulnerability is one…

A List of Vulnerable Products to the Log4j Vulnerability

Two days ago, we wrote a post about the Log4j vulnerability that is currently wreaking havoc on the cyberthreat landscape. The flaw stands for an open-source Java logging library. By…

Apache’s Fix for Log4Shell Can Lead to DoS Attacks

Not only is the jaw-dropping flaw in the Apache Log4j logging library ubiquitous; Apache’s blanket of a quickly baked patch for Log4Shell also has holes. As if finding one easily-exploited…

CISA probes scope, potential fallout of Log4j vulnerability

Written by Tim Starks Dec 14, 2021 | CYBERSCOOP A top government cyber official said Tuesday that the Cybersecurity and Infrastructure Security Agency hasn’t seen hackers compromise federal agencies by…

Actively Exploited Microsoft Zero-Day Allows App Spoofing, Malware Delivery

December’s Patch Tuesday updates address six publicly known bugs and seven critical security vulnerabilities. Microsoft has addressed a zero-day vulnerability that was exploited in the wild to deliver Emotet, Trickbot…

What the Log4Shell Bug Means for SMBs: Experts Weigh In

An exclusive roundtable of security researchers discuss the specific implications of CVE-2021-44228 for smaller businesses, including what’s vulnerable, what an attack looks like and to how to remediate. News of…

How to Buy Precious Patching Time as Log4j Exploits Fly

Podcast: Cybereason shares details about its vaccine: a fast shot in the arm released within hours of the Apache Log4j zero-day horror show being disclosed. Sure, Apache got a patch…

Experts: Log4j Bug Could Be Exploited for “Years”

Experts: Log4j Bug Could Be Exploited for “Years” Security experts have warned that the Log4j vulnerability could still enable threat actors to launch attacks years from now, if security teams…