Log4j is just the beginning – Secure your software with no-code DevOps orchestration
SD Times
May 31 2022
Security Bulletin: Multiple vulnerabilities in Apache Log4j affect IBM Cloud Pak System
IBM
May 30 2022
Log4Shell: How friendly hackers rose to the challenge
HackerOne CISO Chris Evans looks back at how the security community successfully rose to the challenge of Log4Shell, and saved end-user organisations millions
Computer Weekly
May 30 2022
https://www.computerweekly.com/opinion/Log4Shell-How-friendly-hackers-rose-to-the-challenge
Ransomware attack sends US county back to 1977
Also: Uni details its malware-catching AI, signs of China poking the Russian cyber-bear, and more
The Register
May 29 2022
Log4j heightens security, resources divide between healthcare and other sectors
SC Magazine
May 19 2022
Apache Log4j – Security Vulnerability Impact for HCL Common Local License Server
HCL Software Customer Support
May 9 2022
https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0095517
Lexology
May 4 2022
https://www.lexology.com/library/detail.aspx?g=970e1f9f-505e-4da2-864f-16b061860def
State-backed hacking groups are some of the most advanced cyberattack operations in the world - but criminals don't need to rely on them if they can exploit unpatched cybersecurity flaws.
ZDNet
May 3 2022
IBM
May 3 2022
How Log4j Reshaped Cloud Security Thinking
Security Boulevard
May 2 2022
https://securityboulevard.com/2022/05/how-log4j-reshaped-cloud-security-thinking/
Symantec Security Advisory for Log4j 2 Vulnerability for VIP Auth Hub
Broadcom
May 1 2022
https://knowledge.broadcom.com/external/article/230768/symantec-security-advisory-for-log4j-2-v.html
Log4j flaw: Thousands of applications are still vulnerable, warn security researchers
Cybersecurity researchers warn that insecure instances of Log4j are still out there to be exploited - and are easy for attackers to discover.
April 28 2022. ZDNet.
Security Teams Still Struggling to Patch Log4Shell
April 28 2022. Michael Vizard. Security Boulevard.
https://securityboulevard.com/2022/04/security-teams-still-struggling-to-patch-log4shell/
Remote execution holes in Log4j, Exchange and Confluence lead Five Eyes 2021 exploited CVE list. Most exploited list topped by Log4Shell, ProxyShell, and ProxyLogon vulnerabilities.
April 27 2022. ZDNet.
Long-running North Korean operation hacked into engineering firm, Symantec says
April 27 2022. Joe Warminsky. The Record.
https://therecord.media/north-korea-hackers-stonefly-symantec/
Log4j Attack Surface Remains Massive. Four months after the Log4Shell vulnerability was disclosed, most affected open source components remain unpatched, and companies continue to use vulnerable versions of the logging tool.
April 26 2022. Jai Vijayan. Threat Intelligence.
https://www.darkreading.com/threat-intelligence/l0g4j-attack-surface-remains-huge
Public interest in Log4Shell fades but attack surface remains
April 26 2022. Bill Toulas. Bleeping Computer.
Amazon's Hotpatch for Log4j Flaw Found Vulnerable to Privilege Escalation Bug
April 21 2022. Ravie Lakshmanan. The Hacker News.
https://thehackernews.com/2022/04/amazons-hotpatch-for-log4j-flaw-found.html
AWS Confirms Log4j Hotpatch Fix Leads to Privilege Escalation
April 21 2022. Rabia Noureen. PETRI.
https://petri.com/aws-log4j-hotpatch-fix-privilege-escalation/
Combat zero-day attacks: 6 steps
Be knowledgeable and proactive, and have a plan to face zero-day vulnerabilities.
April 20 2022. John Cuneo. Credit Union National Association (CUNA) News.
https://news.cuna.org/articles/120840-combat-zero-day-attacks-6-steps
AWS's Log4j patches blew holes in its own security
Remote code exec is so 2014. Have this container escape and privilege escalation, instead
April 20 2022. Jessica Lyons Hardcastle. The Register.
Reported Apache Log4j Hotpatch Issues.
AWS. Initial Publication: April 19 2022
CVE IDs: CVE-2021-3100, CVE-2021-3101, CVE-2022-0070, CVE-2022-0071
https://aws.amazon.com/security/security-bulletins/AWS-2022-006/
Cyber Insurance Changes in the Aftermath of Log4j
April 7 2022. Lynda Bennett, Ken Fishkin. Lowenstein Sandler LLP
https://www.jdsupra.com/legalnews/cyber-insurance-changes-in-the-aftermath-39456/
What Log4j Can Teach Us About Cloud Security
By more securely configuring our cloud environments, we block bad actors from exploiting vulnerabilities.
April 6 2022. eWeek.
https://www.eweek.com/cloud/what-log4j-can-teach-us-about-cloud-security/
Experts Warn Defenders: Don't Relax on Log4j
April 01, 2022. Kevin Townsend. Security Week.
https://www.securityweek.com/experts-warn-defenders-dont-relax-log4j
Chinese Hackers Target VMware Horizon Servers with Log4Shell to Deploy Rootkit
April 01 2022. Ravie Lakshmanan. The Hacker News.
https://thehackernews.com/2022/04/chinese-hackers-target-vmware-horizon.html
Spring4Shell vulnerability could have ‘a larger impact’ than Log4j
March 31 2022. Ryan Daws. Developer-Tech.
VMware Horizon platform pummeled by Log4j-fueled attacks
Miscreants deployed cryptominers, backdoors since late December, Sophos says
March 30 2022. Jeff Burt. The Register.
https://www.theregister.com/2022/03/30/log4j-malware-sophos-vmware-horizon/
How to Prevent the Next Log4j-Style Zero-Day Vulnerability
An interactive static analyzer gives developers information on potential risks arising from user inputs while they code. This could be a game-changer.
March 30 2022. Asaf Karas. DARK Reading.
https://www.darkreading.com/dr-tech/how-to-prevent-the-next-log4j-style-zero-day-vulnerability
Log4JShell Used to Swarm VMware Servers with Miners, Backdoors
March 29 2022. Lisa Vaas. ThreatPost.
https://threatpost.com/log4jshell-swarm-vmware-servers-miners-backdoors/179142/
Sophos Finds Three Backdoors, Possibly Delivered by Initial Access Brokers, and Four Cryptominers Targeting Unpatched VMware Horizon Servers
March 29 2022. Sophos Inc.
Log4j Attacks Continue Unabated Against VMware Horizon Servers
Threat actors are exploiting the vulnerability to drop Web shells and cryptominers, security vendor says.
March 29 2022. Jai Vijayan. Threat Intelligence.
30% of Log4j instances still remain vulnerable, with open source apps a major hurdle
March 18 2022
Linux botnet exploits Log4j flaw to hijack Arm, x86 systems
On a plus side, their code's not very good
March 16 2022
New Linux backdoor that propagates via Log4j vulnerability easy to exploit in the cloud
March 16 2022
Cloudflare freebie will help customers shield against the next Log4j
March 16 2022
https://www.techradar.com/news/cloudflare-freebie-will-help-customers-shield-against-the-next-log4j
As Log4j Continues to Remind Us, What's Old Is New Again
We need to focus on the bad guys and their methods instead of playing whack-a-mole with indicators of compromise.
March 15 2022
New Linux botnet exploits Log4J, uses DNS tunneling for comms
March 15 2022
Log4j Security Hole Found In OmniFind Text Search Server
March 14 2022
https://www.itjungle.com/2022/03/14/log4j-security-hole-found-in-omnifind-text-search-server/
GreyNoise launches free tool to protect against ‘scary’ vulnerabilities like Log4j
March 14 2022
How Companies Can Prepare For The Next Log4j
March 11 2022
Safeguarding Your ICS Against the Log4j Vulnerability
Although no information about industrial control systems being breached via Log4j has yet been made public, the threat exists.
March 11 2022
Major Government Attack Highlights How Log4j is Still Unresolved
March 11 2022
FTC Warns Companies to Fix Vulnerabilities Associated with Log4j
March 10 2022
https://www.jdsupra.com/legalnews/ftc-warns-companies-to-fix-3049131/
Over 40% of Log4j Downloads Are Vulnerable Versions of the Software
The data point is a reminder of why fixing the widespread vulnerability will take a long time.
March 10 2022
March 9 2022
China’s APT41 exploited Log4j within hours
APT41 compromised multiple government organisations via the Log4Shell exploit within hours of its initial disclosure, Mandiant claims
March 9 2022
https://www.computerweekly.com/news/252514376/Chinas-APT41-exploited-Log4j-within-hours
Within hours of the Log4j flaw being revealed, these hackers were using it
Cybersecurity researchers at Mandiant detail a hacking campaign designed to gain persistent access to networks.
March 8 2022
Mandiant reminds us: Don’t forget about Log4j
March 8 2022
https://venturebeat.com/2022/03/08/mandiant-reminds-us-dont-forget-about-log4j/
Hackers continue to target unpatched systems with Log4j vulnerabilities: Barracuda
Log4j is a very common logging library used by applications across the world. Logging lets developers see all the activity of an application.
March 8 2022
CISO expert on TEFCA, Log4j, the cloud and limited security budgets
March 8 2022
https://www.healthcareitnews.com/news/ciso-expert-tefca-log4j-cloud-and-limited-security-budgets
Is Log4j relevant to ERP managers? Yes, and we should prepare for the next security hack now
March 7 2022
https://diginomica.com/log4j-relevant-erp-managers-prepare-next-security-hack
Log4j Vulnerabilities: Over 80% of Exploitation Attempts Originated in the U.S.
Since the Log4j vulnerabilities were discovered in December 2021, 83% of infiltration attempts for cryptomining, ransomware, and DDoS attacks originated in the U.S.
March 4 2022
https://www.toolbox.com/it-security/threat-reports/news/log4j-vulnerabilities-exploitation-attempts/
After a Busy December, Attacks on Log4j Vulnerability Dropped
While attackers and researchers shift their attention to the next new vulnerability, security teams make sure they finish patching vulnerable Log4j versions in their applications and services.
March 4 2022
Security leaders want legal action for failing to patch for Log4j
March 2 2022
https://www.helpnetsecurity.com/2022/03/02/log4j-vulnerability-security-professionals/
Log4J: Microsoft discovers attackers targeting undisclosed SolarWinds vulnerability
Microsoft said it discovered previously undisclosed issues with the SolarWinds Serv-U software while looking for Log4J vulnerabilities.
Jan 21 2022
Log4J: Attackers continue targeting VMware Horizon servers
VMware has urged customers to apply the latest guidance as a way to resolve vulnerabilities CVE-2021-44228 and CVE-2021-4504.
Jan 22 2022
https://www.zdnet.com/article/log4j-attackers-continue-targeting-vmware-horizon-servers/
Top three questions about the Log4j vulnerability
Singapore’s Ensign Infosecurity answers the top three questions about the impact of the Log4j vulnerability
Jan 17 2022
https://www.computerweekly.com/news/252512071/Top-three-questions-about-the-Log4j-vulnerability
Lesson from Log4j: Open-source software improvements need help from feds
The tech industry is readying solutions to the security risks posed by the collaborative software that underpins modern-day computing — but aid from Washington could be essential to the project’s success.
Jan 6 2022
https://www.politico.com/news/2022/01/06/open-source-software-help-526676
Currently, it scans a given set of directories for JAR, WAR, ZIP, or EAR files, then scans for files therein matching a known set of checksums.
Jan 10 2022
The FTC Wants Companies to Find Log4j Fast. It Won't Be Easy
The critical vulnerability is buried among endless open source code, and many cyber experts are stumped.
Jan 10 2022
Apache Log4j Meets Optiv MXDR
Since mid-December, enterprises globally have been responding to the urgency of the Apache Log4j zero-day vulnerability. John Ayers of Optiv discusses Optiv MXDR and how it helps customers detect, respond and provide visibility to protect from potential exploits.
Dec 22 2022
https://www.healthcareinfosecurity.com/apache-log4j-meets-optiv-mxdr-a-18182
Log4j and the problem with trusting open source
Open source isn't the issue — companies need mechanisms to ensure the integrity of the software and code they adopt.
Dec 20 2021
https://www.cybersecuritydive.com/news/log4j-open-source-vulnerability/611784/
Log4j software bug: CISA issues emergency directive to federal agencies
Casual computer users have probably never heard of this logging software, but it's used across the entire internet.
Dec 17 2021
TellYouThePass ransomware revived in Linux, Windows Log4j attacks
Dec 17 2021
The Next Wave of Log4J Attacks Will Be Brutal
So far, Log4Shell has resulted mostly in cryptomining and a little espionage. The really bad stuff is just around the corner.
Dec 16 2021 03:41 PM
https://www.wired.com/story/log4j-log4shell-vulnerability-ransomware-second-wave/
Massive open-source flaw has put millions of systems at risk
Dec 15, 2021
https://www.axios.com/log4j-open-source-cybersecurity-flaw-de938d32-4e0c-4f29-ac4d-abbee71dca91.html
Log4j: Is There Such a Thing as ‘Too Much’ Open Source?
Dec 15 2021
https://devops.com/log4j-is-there-such-a-thing-as-too-much-open-source/
Protect Your IoT Devices from Log4j 2 Vulnerability
Dec 15 2021
FBI Statement on Log4j Vulnerability
December 15, 2021
https://www.fbi.gov/news/pressrel/press-releases/fbi-statement-on-log4j-vulnerability
Companies scramble to defend against newly discovered 'Log4j' digital flaw
Dec 14 2021
Log4j zero-day flaw: What you need to know and how to protect yourself
The Log4j vulnerability affects everything from the cloud to developer tools and security devices. Here's what to look for, according to the latest information.
Dec 14 2021
https://www.zdnet.com/article/log4j-zero-day-flaw-what-you-need-to-know-and-how-to-protect-yourself/
‘The Internet Is on Fire’
A vulnerability in the Log4j logging framework has security teams scrambling to put in a fix.
Dec 10 2021
Log4j vulnerability explained: Prevent Log4Shell RCE by updating to version 2.16.0
Dec 10 2021
https://snyk.io/blog/log4j-rce-log4shell-vulnerability-cve-2021-4428/
Severe Apache Log4j Vulnerability Threatens Enterprise Apps
Unauthenticated RCE Vulnerability Could Affect 'Thousands of Organizations'
Dec 10 2021
https://www.bankinfosecurity.com/severe-apache-log4j-vulnerability-threatens-enterprise-apps-a-18101