Threat Post

Third Log4J Bug Can Trigger DoS; Apache Issues Patch

The new Log4j vulnerability is similar to Log4Shell in that it also affects the logging library, but this DoS flaw has to do with Context Map lookups, not JNDI. No, you’re not seeing triple: On Friday ...
Wall Street Journal

Hackers Backed by Foreign Governments See Opportunity With Log4j Bug

This transcript was prepared by a transcription service. This version may not be in its final form and may be updated. Zoe Thomas: This is your Tech News Briefing for Thursday, December 16th. I'm Zoe ...
CBS News

Panel finds notorious Log4j internet bug did not lead to any "significant" attacks on critical infrastructure

A panel of U.S. government officials and private-sector experts tasked with investigating the nation's major cybersecurity failures has concluded that the notorious Log4j internet bug did not prompt ...
New Scientist

Log4j software bug is 'severe risk' to the entire internet

A major security flaw has been discovered in a piece of software called Log4j, which is used by millions of web servers. The bug leaves them vulnerable to attack, and teams around the world are ...
Popular Science

What to know about the latest cybersecurity bug in log4j

Breakthroughs, discoveries, and DIY tips sent every weekday. Terms of Service and Privacy Policy. On Saturday, the US Cybersecurity and Infrastructure Security Agency ...
The Next Web

The Log4j bug exposes a bigger issue: Open-source funding (Updated)

Update (December 14 ,2021): We’ve updated this article with information about the new Log4j version release, along with new exploit vectors, and risks related to all Java versions. While you were ...
CRN

Ransomware Gang Hijacking Log4j Bug To Hit Minecraft Servers

Outside of the ransomware space, Iranian hacking group APT 35 has attempted to exploit the Log4j flaw against seven targets in the Israeli government and business sector over the past day, Check Point ...
Threat Post

Microsoft: Attackers Tried to Login to SolarWinds Serv-U Via Log4j Bug

UPDATE: SolarWinds has fixed a Serv-U bug discovered when attackers used the Log4j flaw to try to log in to the file-sharing software. Attackers are trying to log in to SolarWinds Serv-U file-sharing ...
Gizmodo

Log4j: Just How Screwed Are We?

Well, it’s certainly been a year for cyber debacles, so, sure, why not tie things off with a nice, fat security vulnerability that affects almost everything on the internet? That sounds about right.
techtimes

Minecraft Vulnerability Spotted | How to Fix Log4j Bug

A newly discovered vulnerability is now posing a huge threat towards Java versions of Minecraft, making it possible to execute malicious code on servers as well as end-user devices that are playing ...
ZDNet

Log4j added to DHS bug bounty program

Cybersecurity and Infrastructure Security Agency (CISA) director Jen Easterly and Homeland Security Secretary Alejandro Mayorkas announced the expansion of the "Hack DHS" bug bounty program, noting on ...