Serious Vulnerabilities Found in AWS’s Log4Shell Hot Patches
Hot patches made available by Amazon Web Services (AWS) in response to the recent Log4j vulnerabilities could be exploited for privilege escalation or to...
Tagged: Log4Shell
Chinese Hackers Target VMware Horizon Servers with Log4Shell to Deploy Rootkit
A Chinese advanced persistent threat tracked as Deep Panda has been observed exploiting the Log4Shell vulnerability in VMware Horizon servers to deploy a backdoor...
Chinese hackers Deep Panda return with Log4Shell exploits, new Fire Chili rootkit
Deep Panda has launched new attacks this month that exploit Log4Shell to deploy the new Fire Chili rootkit. Deep Panda is a Chinese advanced...
Log4Shell flaw: Still being used for crypto mining, botnet building… and Rickrolls
Log4Shell, the critical bug in Apache’s widely used Log4j project, hasn’t triggered the disaster that was feared, but it’s still being exploited and predominantly...
Cynet Log4Shell Webinar: A Thorough – And Clear
Most security practitioners are now aware of the Log4Shell vulnerability discovered toward the end of 2021. No one knows how long the vulnerability existed...
Initial Access Broker Involved in Log4Shell Attacks Against VMware Horizon Servers
An initial access broker group tracked as Prophet Spider has been linked to a set of malicious activities that exploits the Log4Shell vulnerability in...
Log4j flaw: Attackers are targeting Log4Shell vulnerabilities in VMware Horizon servers, says NHS
The UK’s National Health Service (NHS) has issued a warning that hackers are actively targeting Log4J vulnerabilities and is recommending that organisations within the...
JFrog researchers find JNDI vulnerability in H2 database consoles similar to log4shell
Security researchers from JFrog said on Thursday that they discovered a critical JNDI-based vulnerability in the H2 database console exploiting a root cause similar...
Chinese APT Hackers Used Log4Shell Exploit to Target Academic Institution
A never-before-seen China-based targeted intrusion adversary dubbed Aquatic Panda has been observed leveraging critical flaws in the Apache Log4j logging library as an access...
Chinese Spies Exploit Log4Shell to Hack Major Academic Institution
China-linked cyberespionage group Aquatic Panda was recently observed exploiting the Log4Shell vulnerability to compromise a large academic institution, CrowdStrike’s Falcon OverWatch team reports. Tracked...