News

Latest news about B2B cyber security >>> PR agencies: add us to your mailing list - see contact! >>> Book an exclusive PartnerChannel for your news!

Day: Log4j

Log4j: The attack tsunami was still missing
1. February 2022
| No comments
| PR News, Sophos
Log4j Log4shell

Even if the feared mass exploitation of the Log4j / Log4Shell vulnerability has not yet taken place, the bug will be a target for attacks for years to come, according to Chester Wisniewski, Principal Research Scientist at Sophos. So far there has been no big Log4j / Log4Shell earthquake - a forensic status finding. The expert teams at Sophos have forensically analyzed the events surrounding the Log4Shell vulnerability since it was discovered in December 2021 and made an initial assessment - including a future forecast by Principal Research Scientist Chester Wisniewski and various graphics showing the exploitation of the vulnerability. The…

Read more

Log4j: Kaspersky registers 30.000 scans for vulnerabilities
31 January 2022
| No comments
| Kaspersky, PR News
Log4j Log4shell

Although the Apache Foundation released a patch shortly after the discovery of Log4j / Log4Shell, this vulnerability continues to pose a major threat to consumers and businesses. Kaspersky products blocked 30.562 attack attempts in the first three weeks of January. The vulnerability is extremely attractive to cyber criminals as it is easy to exploit and allows them to take complete control over the victim's system. Log4j: Kaspersky already blocked over 150.000 attacks Since initial reporting, Kaspersky products have detected and blocked 154.098 attempts to scan and attack devices by targeting…

Read more

Log4j: DriveLock offers scanner on Vulnerability Management Dashboard
26 January 2022
| No comments
| PR News
Log4j Log4shell

Drivelock offers its customers a scanner via the Vulnerability Management Dashboard to check whether they are affected by the Log4j or Log4shell vulnerability at all. All you have to do is add a test string. Log4j has been on everyone's lips for several weeks. DriveLock had already commented on this in a detailed blog post on Log4j and Log4Shell. There are many descriptions of the vulnerability and criticality (CVE-2021-44228 in Apache Log4j 2) on the Internet. Nevertheless, many IT departments are already challenged with the simple question: "Am I affected at all and if so,...

Read more

Log4j vulnerability in ASCEND closed quickly
16 January 2022
| No comments
| Short news
B2B Cyber ​​Security ShortNews

The Log4j vulnerability in December 2021 caused a major stir in cybersecurity. ASCEND reacted immediately and examined and secured all hardware and software systems - also for customers. In December 2021, a vulnerability rated as extremely critical was discovered in the widely used Java library Log4j. It allows cyber criminals to easily access a targeted server to run malware or take control of the system. ASCEND reacted immediately and checked all systems for this gap. Patches have closed Log4j gaps "Our hardware manufacturers and software partners have the few...

Read more

Log4j: Interview with the Swiss developer
4 January 2022
| No comments
| Short news
B2B Cyber ​​Security ShortNews

The Java library Log4j was developed in 1997 by Ceki Gülcü with two colleagues in Switzerland - in the Neue Züricher Zeitung NZZ, the inventor tells the story of the origins of the open source software, which is now keeping the entire IT world on its toes due to a weak point . 24 years ago, Ceki Gülcü and two colleagues in Zurich developed the code for a software component for the Java programming language called Log4j. For many years the term Log4j was only known to experts. But today the software is in millions of applications and devices. Therefore now deals ...

Read more

Log4j alert: ESET blocks hundreds of thousands of attacks on servers
24 December 2021
| No comments
| Short news
Eset_News

The statistics with recorded attack attempts show that ESET has already blocked hundreds of thousands of attacks on servers related to Log4j / Log4Shell. Most of the attack attempts take place in the USA - Germany is in fourth place, as an interactive map shows. ESET has further analyzed the attempted attacks on IT systems that target the Log4j / Log4Shell security gap. ESET researchers still consider the vulnerability to be highly problematic as many computers still did not receive the required security updates. Therefore, ESET is assuming a ...

Read more

Log4j alarm: heat maps show attempted attacks and scans
23 December 2021
| No comments
| Short news, Sophos
SophosNews

Sophos registers the scans for Log4j vulnerabilities worldwide and the countries from which many exploits come: China and Russia. The findings show two heatmaps. Sean Gallagher, Senior Threat Researcher at Sophos “Sophos continues to monitor scans for Log4j vulnerabilities. In the past, we've seen large spikes and then sharp drops in such scans and exploit attempts. In the case of Log4j, we didn't see a drop, but rather daily scans and access attempts from a globally distributed infrastructure. We expect this high level of activity to continue as the vulnerability...

Read more

Log4j alarm: this is what F-Secure says about the security gap
21 December 2021
| No comments
| PR News
Log4j Log4shell

A vulnerability in the Log4J library, which was discovered on Friday, December 10th, rocked software manufacturers and service providers around the world. The weak point in the standardized method for processing log messages in software from Microsoft's Minecraft to e-commerce platforms is already being attacked by attackers. It is almost impossible to describe the extent of the risk that currently exists in vulnerable applications. If a user-controlled string that targets the vulnerability is logged, the vulnerability can be run remotely. In simple terms, an attacker can use this vulnerability ...

Read more

UPDATE Log4j BSI: Extremely critical vulnerability in the Java library
20 December 2021
| No comments
| Short news
Log4j Log4shell

The BSI publishes an update on their report: "Red warning level: Log4Shell vulnerability leads to an extremely critical threat situation" with new findings and further developments. According to the Federal Office for Information Security (BSI), the vulnerability called "Log4Shell" in the widely used Java library Log4j continues to lead to a critical IT security situation. The BSI provides up-to-date information on its special page on Log4j at . There is still no conclusive clarity as to which IT products are vulnerable to "Log4Shell". The Dutch partner authority of the BSI maintains an overview of the vulnerability status of numerous IT products,…

Read more

Log4j alarm: Bitdefender Labs with first Log4Shell balance
20 December 2021
| No comments
| Bitdefender, PR News
Log4j Log4shell

The experts at Bitdefender Labs report an initial assessment of Log4j and Log4Shell: Hackers are intensively looking for vulnerabilities. A Tor concealment of the accesses to real endpoints makes Germany the seemingly number one country of origin of the attacks. Bitdefender counted 36.000 hits on honeypots in seven days. The Log4Shell vulnerability has been actively exploited by Apache as CVE-9-2021 since it was disclosed on December 2021, 44228. The results are amazing. Most of the attack attempts seem to come from western industrialized countries such as Germany, the USA and the Netherlands, but apparently some of them hide their origin behind exit nodes of the Tor network. That puts ...

Read more

© 2024 MedPressIT GbR
Cookie Settings