Log4Shell (CVE-2021 – 44228): is a zero-day vulnerability in Log4j, a popular Java logging framework. Log4j has left businesses and government officials scrambling to deal with the blatant cybersecurity threat to global computer networks. The bug disclosed recently could trigger potentially devastating cyberattacks spanning economic sectors and international borders, security experts say.
Leading researchers and technology companies have warned that hackers with links to foreign governments and ransomware criminal groups seek to exploit vulnerabilities in targets’ computer systems.
Find out more and what you should be doing HERE.
Showing posts with label Log4j. Show all posts
Showing posts with label Log4j. Show all posts
Thursday, 6 January 2022
Friday, 31 December 2021
Conti Ransomware Gang Has Full Log4Shell Attack Chain
The Conti ransomware gang, which last week became the first
professional crimeware outfit to adopt and weaponize the Log4Shell
vulnerability, has now built up a holistic attack chain.
The sophisticated Russia-based Conti group – which Palo Alto Networks has called “one of the most ruthless” of dozens of ransomware groups currently known to be active – was in the right place at the right time with the right tools when Log4Shell hit the scene 10 days ago, security firm Advanced Intelligence (AdvIntel) said in a report shared with Threatpost on Thursday.
You can read the Threatpost story HERE.
Labels:
cybercrime,
cybersecurity,
Log4j,
ransomware,
risk management
Wednesday, 29 December 2021
Check for Log4j vulnerabilities with this simple-to-use script
If you're not certain whether your Java project is free from Log4j
vulnerabilities, you should try this easy-to-use scanning tool
immediately.
To find out what you should be doing check HERE.
Labels:
cybersecurity,
Java,
Log4j,
Log4jDetect,
risk
Subscribe to:
Posts (Atom)