‘We’re discovering new apps every minute which use Log4j in one way or another. It affects not only the code you build, but also the third-party systems you have in place,’ writes Tenable CTO Renaud ...

On December 9, when the Apache Software Foundation disclosed a massive vulnerability in Log4j, its Java logging library, it triggered a cat-and-mouse game as IT professionals raced to secure their ...

Iran-backed hacking group Phosphorous or APT35 is using the Log4j vulnerability to distribute a new modular PowerShell toolkit, according to security firm Check Point. APT35 is one of several ...

The vulnerability allows remote code execution on servers, including those operated by Apple, Twitter, Valve, Tencent, and other major service providers. I've been writing about tech, including ...

WASHINGTON, DC - AUGUST 25: U.S. President Joe Biden speaks during a meeting about cybersecurity in the East Room of the White House on August 25, 2021 in Washington, DC. Members of the Biden cabinet, ...

Peter Membrey, chief architect of ExpressVPN, remembers vividly seeing the news of the Log4j vulnerability break online. “As soon as I saw how you could exploit it, it was horrifying,” says Membrey.

Join our daily and weekly newsletters for the latest updates and exclusive content on industry-leading AI coverage. Learn More As cybersecurity teams grapple with having to potentially patch their ...

Update (December 14 ,2021): We’ve updated this article with information about the new Log4j version release, along with new exploit vectors, and risks related to all Java versions. While you were ...

On-demand Event: Watch NOW to learn why the Log4j vulnerability is so severe and easy steps you can take to mitigate your risk. On-demand Event: Watch NOW to learn why the Log4j vulnerability remains ...

The Cyber Safety Review Board (CSRB) recently labeled the Log4j security exploit as an ‘endemic vulnerability’ that will linger for years, according to a report released on Jul 11, 2022. The ...

Criminal groups and even suspected state-sponsored hacking groups continue to exploit a serious vulnerability in Apache Log4j with ransomware and other forms of malware. According to research from ...

Last Thursday, the world learned of an in-the-wild exploitation of a critical code-execution zero-day in Log4J, a logging utility used by just about every cloud service and enterprise network on the ...