Meta takes down 7 hacking-for-hire operations that targeted 50,000 users

Written by Tonya Riley Dec 16, 2021 | CYBERSCOOP Meta removed seven “surveillance-for-hire” organizations that used Facebook to target at least 50,000 individuals across 100 countries for surveillance operations, some…

Log4j flaw: This new threat is going to affect cybersecurity for a long time

If there ever was any doubt over the severity of the Log4j vulnerability, director of US cybersecurity and infrastructure agency CISA, Jen Easterly, immediately quashed those doubts when she described…

SAP Kicks Log4Shell Vulnerability Out of 20 Apps

SAP’s still feverishly working to patch another 12 apps vulnerable to the Log4Shell flaw, while its Patch Tuesday release includes 21 other fixes, some rated at 9.9 criticality. SAP has…

Apache’s Fix for Log4Shell Can Lead to DoS Attacks

Not only is the jaw-dropping flaw in the Apache Log4j logging library ubiquitous; Apache’s blanket of a quickly baked patch for Log4Shell also has holes. As if finding one easily-exploited…

What the Log4Shell Bug Means for SMBs: Experts Weigh In

An exclusive roundtable of security researchers discuss the specific implications of CVE-2021-44228 for smaller businesses, including what’s vulnerable, what an attack looks like and to how to remediate. News of…

How to Buy Precious Patching Time as Log4j Exploits Fly

Podcast: Cybereason shares details about its vaccine: a fast shot in the arm released within hours of the Apache Log4j zero-day horror show being disclosed. Sure, Apache got a patch…

Log4j flaw could be a problem for industrial networks 'for years to come'

Industrial networks are among those which are vulnerable to the recently disclosed zero-day in the Log4j2 Java logging library, security researchers have warned. The vulnerability (CVE-2021-44228) was disclosed on December…

Security company offers Log4j 'vaccine' for systems that can't be updated immediately

For those unable to patch the Apache Log4Shell vulnerability, cybersecurity firm Cybereason has released what they called a “fix” for the 0-day exploit. Cybereason urged people to patch their systems…

Log4Shell Is Spawning Even Nastier Mutations

Threat Post – Threat Post – The cybersecurity Hiroshima of the year – the Apache Log4j logging library exploit – has spun off 60 bigger mutations in less than a…

“Worst-Case Scenario” Log4j Exploit Travels the Globe

“Worst-Case Scenario” Log4j Exploit Travels the Globe Security teams across the globe have been scrambling to address a dangerous new zero-day vulnerability in a popular Apache logging system currently being…