SiliconANGLE

Spring vulnerability could potentially be the next Log4Shell

A newly discovered vulnerability in the Spring Cloud Function could have the potential of being the next Log4shell, according to security researchers today. The vulnerability, dubbed “Spring4Shell,” ...
ZDNet

These hackers used Log4Shell vulnerability to target US energy firms

State-backed hackers behind the infamous crypto-stealing group Lazarus are now using the Log4Shell flaw to breach energy firms in North America and Japan for purposes of espionage. Cisco's Talos ...
Threat Post

SAP Kicks Log4Shell Vulnerability Out of 20 Apps

SAP’s still feverishly working to patch another 12 apps vulnerable to the Log4Shell flaw, while its Patch Tuesday release includes 21 other fixes, some rated at 9.9 criticality. SAP has identified 32 ...
Forbes

Getting Ready For The Next Log4Shell Vulnerability

Bernd Greifeneder is the CTO and Founder of Dynatrace, a software intelligence company that helps to simplify enterprise cloud complexity. Rarely has an obscure piece of open-source code captured the ...
WeLiveSecurity

Log4Shell vulnerability: What we know so far

Just as the holiday season is approaching our doorstep, a critical vulnerability in an Apache code library called Log4j 2 has come knocking at the door. Log4j is an open-source Java-based logging ...
Mashable

It's already attacked 'Minecraft': The race is on to fix the biggest PC vulnerability in years

Minecraft has patched the exploit, but the threat for many others remains. Credit: Georg Wendt/picture alliance via Getty Images It's being called the "worst bug impacting the Internet in the last 5 ...
9to5Mac

Apple patches Log4Shell iCloud vulnerability, described as most critical in a decade

Apple has patched the Log4Shell iCloud vulnerability, after it was last week revealed that a security hole in the open-source tool log4j put millions of apps at risk. Cybersecurity experts described ...
VentureBeat

Spring Core vulnerability doesn’t seem to be Log4Shell all over again

A newly disclosed remote code execution vulnerability in Spring Core, a widely used Java framework, does not appear to represent a Log4Shell-level threat. Security researchers at several organizations ...
VentureBeat

‘Vaccine’ against Log4Shell vulnerability has potential — and limitations

Join our daily and weekly newsletters for the latest updates and exclusive content on industry-leading AI coverage. Learn More A “vaccine” against the Log4Shell vulnerability appears to offer a way to ...
TechRepublic

Survey: Recovery from Log4Shell vulnerability is ongoing with 77% of organizations still in patching mode

Survey: Recovery from Log4Shell vulnerability is ongoing with 77% of organizations still in patching mode Your email has been sent Log4Shell was a cybersecurity wake up call across every industry, ...
Computer Weekly

Apache vulnerability a risk, but not as widespread as Log4Shell

Security teams should be alert to the possibility of compromise arising from a vulnerability in Apache Commons Text that may put many organisations at risk, but is unlikely to be as impactful as ...