Security news that informs and inspires

Archive

22 results for tag Log4j:

Alpha-Omega Project Aims to Secure Open Source Ecosystem

The new Alpha-Omega Project from the Open Source Security Foundation will offer technical and financial assistance to open source maintainers to help them find and fix security flaws.

Log4j, Heartbleed, Opensource

Failed Attacks Target SolarWinds Serv-U Bug in Log4Shell Campaigns

Microsoft researchers observed attackers exploiting the Log4Shell bug in the SolarWinds Serv-U software.

Log4j

Tech Leaders, Federal Officials Seek a Way Forward for Open Source Security

White House officials and leaders from Apple, Google, GitHub, and other companies met to discuss ways to improve the security of open source projects critical to national security.

Open Source, Log4j

APT35 Executes PowerShell-Based Malware in Log4j Flaw Attacks

The Iran-linked threat actor is exploiting the infamous Log4j bug in order to execute a new PowerShell data exfiltration toolkit.

Apt35, Log4j, Malware

China-Based Actors Using Log4Shell Bug for Ransomware Deployment

Threat actors known as DEV-0401 based in China are exploiting the Log4Shell vulnerability to deploy the NightSky ransomware.

Log4j