Threat Post

‘Long Live Log4Shell’: CVE-2021-44228 Not Dead Yet

The ubiquitous Log4j bug will be with us for years. John Hammond, senior security researcher at Huntress, discusses what’s next. Jen Easterly, the director of the Cybersecurity and Infrastructure ...
Bleeping Computer

Amazon Web Services fixes container escape in Log4Shell hotfix

Amazon Web Services (AWS) has fixed four security issues in its hot patch from December that addressed the critical Log4Shell vulnerability (CVE-2021-44228) affecting cloud or on-premise environments ...
Bleeping Computer

Over 30% of Log4J apps use a vulnerable version of the library

Roughly 38% of applications using the Apache Log4j library are using a version vulnerable to security issues, including Log4Shell, a critical vulnerability identified as CVE-2021-44228 that carries ...
Washington Technology

SBOM's: you can't secure what you don't see

Few security professionals are likely to forget where they were on December 9, 2021, when a critical vulnerability in the popular Log4j Java logging library was disclosed. Commonly referred to as ...
Computer Weekly

Almost half of networks probed for Log4Shell weaknesses

Close to half of corporate networks around the world have now been actively probed by malicious actors trying to find a way to exploit CVE-2021-44228, aka Log4Shell remote code execution (RCE) ...