Log4J Privacy & Security News

• Log4j software bug: CISA issues emergency directive to federal agencies

  Casual computer users have probably never heard of this logging software, but it's used across the entire internet.

  Dec 17 2021

  https://www.cnet.com/tech/services-and-software/log4j-software-bug-cisa-issues-emergency-directive-to-federal-agencies/

• TellYouThePass ransomware revived in Linux, Windows Log4j attacks

  Dec 17 2021

  https://www.bleepingcomputer.com/news/security/tellyouthepass-ransomware-revived-in-linux-windows-log4j-attacks/

• The Next Wave of Log4J Attacks Will Be Brutal

  So far, Log4Shell has resulted mostly in cryptomining and a little espionage. The really bad stuff is just around the corner.

  Dec 16 2021

  https://www.wired.com/story/log4j-log4shell-vulnerability-ransomware-second-wave/

• Protect Your IoT Devices from Log4j 2 Vulnerability

  Dec 15 2021

  https://live.paloaltonetworks.com/t5/blogs/protect-your-iot-devices-from-log4j-2-vulnerability/ba-p/453381

• FBI Statement on Log4j Vulnerability

  Dec 15 2021

  https://www.fbi.gov/news/pressrel/press-releases/fbi-statement-on-log4j-vulnerability

• Companies scramble to defend against newly discovered 'Log4j' digital flaw

  Dec 14 2021

  https://www.npr.org/2021/12/14/1064123144/companies-scramble-to-defend-against-newly-discovered-log4j-digital-flaw

• Log4j zero-day flaw: What you need to know and how to protect yourself

  The Log4j vulnerability affects everything from the cloud to developer tools and security devices. Here's what to look for, according to the latest information.

  Dec 14 2021

  https://www.zdnet.com/article/log4j-zero-day-flaw-what-you-need-to-know-and-how-to-protect-yourself/

• Log4j vulnerability explained: Prevent Log4Shell RCE by updating to version 2.16.0

  Dec 10 2021

  https://snyk.io/blog/log4j-rce-log4shell-vulnerability-cve-2021-4428/

• Severe Apache Log4j Vulnerability Threatens Enterprise Apps

  Unauthenticated RCE Vulnerability Could Affect 'Thousands of Organizations'

  Dec 10 2021  

  https://www.bankinfosecurity.com/severe-apache-log4j-vulnerability-threatens-enterprise-apps-a-18101