Stay updated on Log4j vulnerabilities and patches. Expert news, insights, and analysis on Log4j security risks for your cyber safety.
Search across headline titles and summaries.
Background for this topic.
Log4j is a widespread Java-based logging utility part of the Apache Logging Services, a project from the Apache Software Foundation. This tool is integral to many Java applications as it enables developers to record activity and state information inside programs. Log4j is designed to be fast and flexible, allowing developers to record messages according to different log levels (e.g., ERROR, WARN, INFO, DEBUG) and to various destinations, like console, files, databases, and more.
In the context of information security, Log4j gained significant attention due to critical vulnerabilities discovered, most notably the Log4Shell exploit identified in late 2021. This exploit could allow remote code execution on affected systems, presenting significant risks as attackers might use it to control compromised systems, steal information, or disrupt services. The wide adoption of Log4j across various software and the critical nature of the vulnerabilities made it a prominent focus for cybersecurity professionals who had to quickly address the issue by applying patches, monitoring for exploitation attempts, and revising security protocols to mitigate potential impacts. Due to its severity, this incident highlighted the importance of software supply chain security and the need for ongoing vigilance for new vulnerabilities within widely used libraries and frameworks.
Weekly headline count for the current query.
Sonatype has claimed that 13% of Log4j versions downloaded this year were vulnerable to the legacy critical Log4Shell bug
A China-linked threat actor has been attributed to a cyber attack targeting an U.S. non-profit organization with an aim to establish long-term persistence, as part of broader activity aimed at U.S. entities that are linked to or involved in policy issues
How to avoid another SolarWinds, Log4j, and XZ Utils situation Organizations concerned about software supply chain attacks should focus on role-based access control, system monitoring, and boundary protection, according to a new preprint paper on the topic.…
A new report by Cato Networks found that exploiting old vulnerabilities in unpatched systems is one of threat actors’ favorite initial access vectors
Botnet Looks for Vulnerable Internal Network MachinesDelivering more proof that the Log4Shell vulnerability is endemic, Akamai researchers detected botnet malware updated to use the flaw as an infection vector. Log4Shell burst into public awareness in late 2021 when security researchers identified a flaw in the ubiquitous Apache Log4J 2 Java library.
The notorious North Korean hacking group known as Lazarus continues to exploit CVE-2021-44228, aka "Log4Shell," this time to deploy three previously unseen malware families written in DLang. [...]
Lack of awareness still blamed for patching apathy despite it being among most infamous bugs of all time Two years after the Log4Shell vulnerability in the open source Java-based Log4j logging utility was disclosed, circa one in four applications are dependent on outdated libraries, leaving them open to exploitation.…
The notorious North Korea-linked threat actor known as the Lazarus Group has been attributed to a new global campaign that involves the opportunistic exploitation of security flaws in Log4j to deploy previously undocumented remote access trojans (RATs) on compromised hosts
Two years after a critical vulnerability was found in utility Log4j, 38% of apps still use buggy versions
Roughly 38% of applications using the Apache Log4j library are using a version vulnerable to security issues, including Log4Shell, a critical vulnerability identified as CVE-2021-44228 that carries the maximum severity rating, despite patches being available for more than two years. [...]
Developers need more software security safeguards earlier in the process, especially as AI becomes more common.
The North Korea-aligned threat actor known as Andariel leveraged a previously undocumented malware called EarlyRat in attacks exploiting the Log4j Log4Shell vulnerability last year
Accept there are some risks you don’t control but which nonetheless you can’t ignore Sponsored Feature Friday the 10 of December 2021 is etched in the memory of many IT professionals, but not for reasons they will look back on with fondness. That was the day, just as most American workers were logging off for a long weekend, when a critical vulnerability in an obscure but essential piece of software code first came to widespread attention.…
Attackers continued to favor software exploits, phishing, and stolen credentials as initial-access methods last year, as Log4j and the Russia-Ukraine cyber conflict changed the threat landscape.
Proxyjacking is an emerging, low-effort and high-reward attack for threat actors, with the potential for far-reaching implications.
Don't make perfect the enemy of good in vulnerability management. Context is key — prioritize vulnerabilities that are actually exploitable. Act quickly if the vulnerability is on a potential attack path to a critical asset.
In 2022, multiple high-profile vulnerabilities like Log4j and OpenSSL provided important takeaways for future public reporting.
Here’s how Wiz can help Sponsored Feature When software vulnerabilities and zero days moved up the enterprise worry list 15 years ago, nobody imagined the world would one day end up with a threat as perplexing as Log4Shell – a vulnerability in the Apache Log4j open source logging framework that's used in software on all major operating systems spanning everything from cloud services to PC games.…
It's the gift to cybercriminals that keeps on giving Iranian state-sponsored cyber criminals used an unpatched Log4j flaw to break into a US government network, illegally mine for cryptocurrency, steal credentials and change passwords, and then snoop around undetected for several months, according to CISA.…