Businesses around the world will spend years dealing with the repercussions from critical vulnerabilities discovered in Apache log4j, Tenable Co-Founder and CTO Renaud Deraison predicted.

What some call the worst cybersecurity catastrophe of the year – the Apache Log4j logging library exploit – has spun off 60 bigger mutations in less than a day, researchers said.

The resulting complexity makes fixing enterprise-class applications very difficult. A list of applications affected by Log4j can be found on GitHub. Who's Using the Log4j Exploit and How?

Microsoft added a preview solution in Microsoft Sentinel that helps IT pros find signs of Log4j exploits, according to a Thursday announcement and Twitter post.

Researchers at cybersecurity giant Check Point said today that they’ve observed attempted exploits of the Log4j vulnerability, known as Log4Shell, on more than 44% of corporate networks worldwide.

Conti is pursuing lateral movement on vulnerable Log4j VMware vCenter servers, making them the first major ransomware gang revealed to be weaponizing the massive bug.

Podcast: Cybereason shares details about its vaccine: a fast shot in the arm released within hours of the Apache Log4j zero-day horror show being disclosed.

Dec 14, 2021 14:45:00 A cheat sheet that summarizes how to deal with the Java / Log4j library vulnerability 'Log4Shell' is being released, and the affected products are also revealed at a glance.