Recherche : [Log4j] - Cyberveille

The gift that keeps on giving: A new opportunistic Log4j campaign https://securitylabs.datadoghq.com/articles/the-gift-that-keeps-on-giving-a-new-opportunistic-log4j-campaign/?is=e4f6b16c6de31130985364bb824bcb39ef6b2c4e902e4e553f0ec11bdbefc118

26/08/2024 08:54:42

In this post, we analyze a new opportunistic exploitation campaign based on the Log4j vulnerability.

Log4j Exploited by XMRig Cryptominer Malware: Analysis & Mitigation https://www.uptycs.com/blog/log4j-campaign-xmrig-malware

16/05/2024 16:56:08

Learn how the Log4j vulnerability (CVE-2021-44228) is exploited by XMRig cryptominer malware. Discover attack methods, indicators, and effective mitigation strategies.

One in four apps remain exposed to Log4Shell https://www.theregister.com/2023/12/11/log4j_vulnerabilities/

12/12/2023 19:58:36

Two years after the Log4Shell vulnerability in the open source Java-based Log4j logging utility was disclosed, circa one in four applications are dependent on outdated libraries, leaving them open to exploitation.

Research from security shop Veracode revealed that the vast majority of vulnerable apps may never have updated the Log4j library after it was implemented by developers as 32 percent were running pre-2015 EOL versions.

China-backed APT41 compromised ‘at least’ six US state governments https://techcrunch.com/2022/03/08/apt41-state-governments/

09/03/2022 08:47:52

The prolific China APT41 hacking group, known for carrying out espionage in parallel with financially motivated operations, has compromised multiple U.S. state government networks, according to cybersecurity giant Mandiant. The group — seemingly undeterred by U.S. indictments against five APT41 members in 2020 — conducted a months-long campaign during which it targeted and successfully breached […]

Liens par page

Filtres