TechRepublic

Log4j: How to protect yourself from this security vulnerability

The Log4j security vulnerability known as Log4Shell is shaping up to be one of the worst security flaws of the year, potentially affecting millions of applications and painting a bullseye on unpatched ...
Dark Reading

How Do I Find My Servers With the Log4j Vulnerability?

Question: How do I find servers in my organization that have the vulnerable Log4j component? For enterprise IT and security teams tasked with updating Java applications containing the vulnerable Log4j ...
Bleeping Computer

New Linux botnet exploits Log4J, uses DNS tunneling for comms

A recently discovered botnet under active development targets Linux systems, attempting to ensnare them into an army of bots ready to steal sensitive info, installing rootkits, creating reverse shells ...
ZDNet

Log4j flaw attack levels remain high, Microsoft warns

Microsoft has warned Windows and Azure customers to remain vigilant after observing state-sponsored and cyber-criminal attackers probing systems for the Log4j 'Log4Shell' flaw through December.
Bleeping Computer

TellYouThePass ransomware revived in Linux, Windows Log4j attacks

Threat actors have revived an old and relatively inactive ransomware family known as TellYouThePass, deploying it in attacks against Windows and Linux devices targeting a critical remote code ...
ZDNet

Log4j flaw hunt shows how complicated the software supply chain really is

Open-source software is everywhere now, but the Log4j flaw that affects Java enterprise applications is a reminder of what can go wrong in the complicated modern software supply chain. The challenge ...