News


Heavily exploited vulnerabilities up to five years old!

As Tenable's Threat Landscape Report shows, the most frequently attacked vulnerabilities have typically been known for many years. Attackers are counting on patches not having been applied and on no one monitoring the gaps. Whether Microsoft Exchange, Log4Shell or Follina, old vulnerabilities were always involved. Tenable's annual Threat Landscape Report is out. The report confirms the continued threat of known vulnerabilities (that is, those for which patches have already been made available) as the prime vector for cyberattacks. The results are based on the analysis of cyber security incidents, vulnerabilities…


Ransomware volume in Q1-2022 higher than in all of 2021!

WatchGuard releases its Internet Security Report. The most important result first: the ransomware volume in the first quarter of 2022 is already twice as high as in the whole of 2021! Analysis shows a tripling of attacks via Log4Shell, the return of the Emotet botnet, an increase in cryptomining activity, and Lapsus$ is coming. The threat of ransomware continues to grow inexorably: According to an analysis by the WatchGuard Threat Lab, there were already twice as many relevant attack attempts in the first quarter of 2022 as in the entire previous year. Corey Nachreiner, Chief Security Officer at WatchGuard: "Based on the extremely high level of...


Vulnerabilities: Spring Cloud, Spring Core, Spring4Shell

Tenable explains the new Spring Cloud and Spring Core vulnerabilities (the latter also known as Spring4Shell), which have nothing to do with Log4j or Log4Shell, even if the name suggests it. However, Spring4Shell remains unpatched as of now, making it a zero-day vulnerability. Satnam Narang, Staff Research Engineer at Tenable, discusses the differences between the two vulnerabilities that are making the news right now: Spring Cloud and Spring Core (aka Spring4Shell). He also provides a blog post with an FAQ about Spring4Shell. Spring4Shell has nothing to do with Log4Shell “On 29….


Log4j-Log4Shell: Attackers use vulnerability for permanent server access

SophosLabs researchers discovered three backdoors and four cryptominers targeting unpatched VMware Horizon servers to gain persistent access. Sophos is today releasing its latest research on the Log4j Log4Shell vulnerability. Attackers use it to embed backdoors and scripts in unpatched VMware Horizon servers. This gives them persistent access to the VMware Horizon server for future ransomware attacks. In the detailed report "Horde of Miner Bots and Backdoors Leveraged Log4J to Attack VMware Horizon Servers", Sophos researchers describe the tools and techniques used to compromise servers, as well as three different backdoors and…


Trending Evil Q1 2022: 30 attack campaigns against the Log4j vulnerability

Trending Evil provides insights into the latest threats observed by Mandiant Managed Defense. The Trending Evil Q1 2022 report focuses on the ongoing impact of the Log4j / Log4Shell vulnerability and the proliferation of financially motivated attacks. 30 attack campaigns exploiting the Log4j vulnerability (CVE-2021-44228) are currently under observation, including activities by state-sponsored attacker groups allegedly controlled by China and Iran. During the reporting period, Mandiant Managed Defense detected eleven different malware families used to exploit the Log4j / Log4Shell vulnerability. Trending Evil Q1 2022: The findings at a glance. In addition, Managed Defense observed numerous financially…


Log4j - Log4Shell Alert - Just an Isolated Case?

The answer to the question of whether Log4j / Log4Shell was unique is no. Certainly, the impact of the Log4Shell vulnerability was unusual. But RCE vulnerabilities are not uncommon. This was also shown by the attack on Microsoft Exchange in spring 2021 by the group known as "Hafnium". Software modules such as the currently affected library, which are used in many applications in parallel and thus offer a wide range of attack points, are also part of everyday IT life. Still, what is special about the Log4j / Log4Shell incident is that all these factors come together. Other weaknesses in everyday IT This at least happens rarely,…


Log4j: The attack tsunami has not yet arrived

Even if the feared mass exploitation of the Log4j / Log4Shell vulnerability has not yet taken place, the bug will be a target for attacks for years to come, according to Chester Wisniewski, Principal Research Scientist at Sophos. So far there has been no big Log4j / Log4Shell earthquake: a forensic status report. The expert teams at Sophos have forensically analyzed the events surrounding the Log4Shell vulnerability since it was discovered in December 2021 and made an initial assessment, including a forecast by Principal Research Scientist Chester Wisniewski and various graphics showing the exploitation of the vulnerability. The…


Log4j: Interview with the Swiss developer

The Java library Log4j was developed in 1997 by Ceki Gülcü with two colleagues in Switzerland. In the Neue Zürcher Zeitung (NZZ), the inventor tells the story of the origins of the open source software, which is now keeping the entire IT world on its toes due to a vulnerability. 24 years ago, Ceki Gülcü and two colleagues in Zurich developed the code for a software component for the Java programming language called Log4j. For many years the term Log4j was only known to experts. But today the software is in millions of applications and devices. Therefore now deals ...


Log4j alert: ESET blocks hundreds of thousands of attacks on servers

Statistics on recorded attack attempts show that ESET has already blocked hundreds of thousands of attacks on servers related to Log4j / Log4Shell. Most of the attack attempts take place in the USA; Germany is in fourth place, as an interactive map shows. ESET has further analyzed the attempted attacks on IT systems that target the Log4j / Log4Shell security gap. ESET researchers still consider the vulnerability to be highly problematic, as many computers have still not received the required security updates. Therefore, ESET is assuming a ...


Log4j alarm: this is what F-Secure says about the security gap

A vulnerability in the Log4J library, which was discovered on Friday, December 10th, rocked software manufacturers and service providers around the world. The weak point in the standardized method for processing log messages in software from Microsoft's Minecraft to e-commerce platforms is already under attack. It is almost impossible to describe the extent of the risk that currently exists in vulnerable applications. If a user-controlled string that targets the vulnerability is logged, the vulnerability can be triggered remotely. In simple terms, an attacker can use this vulnerability ...
