Log4j Archives - Securezoo

Top 12 Most Routinely Exploited vulnerabilities in 2022

Cybersecurity Attacks, Security Updates & Patches, Vulnerabilities & Exploits / By Frank Crast / August 18, 2023 / Apache, BIG-IP, CVE-2018-13379, CVE-2021-26084, CVE-2021-31207, CVE-2021-34473, CVE-2021-34523, CVE-2021-40539, CVE-2021-44228, CVE-2022-1388, CVE-2022-22954, CVE-2022-22960, CVE-2022-26134, CVE-2022-30190, F5, Log4j, log4Shell, ProxyShell, Zoho

Cybersecurity security agencies from the United States, United Kingdom, Australia, Canada and New Zealand have published the top 12 routinely exploited vulnerabilities in 2022.

CISA Adds TP-Link, Apache Log4j2 and Oracle WebLogic Vulnerabilities To Known Exploited Vulnerabilities Catalog

Security Updates & Patches, Vulnerabilities & Exploits / By Frank Crast / May 2, 2023 / Apache, CVE-2021-45046, CVE-2023-1389, CVE-2023-21839, Log4j, Oracle, TP-Link, WebLogic

The Cybersecurity and Infrastructure Security Agency (CISA) has added TP-Link, Apache Log4j2 and Oracle WebLogic vulnerabilities to its Known Exploited Vulnerabilities Catalog.

Oracle Critical Patch Update for July 2022

Database Security, Security Updates & Patches, Vulnerabilities & Exploits / By Frank Crast / July 25, 2022 / CVE-2021-31805, CVE-2022-1292, CVE-2022-22721, CVE-2022-23305, CVE-2022-23632, CVE-2022-34169, Database, Log4j, MySQL, Oracle, Spring Framework

Oracle has released its Critical Patch Update for July 2022 to include 349 vulnerability fixes across multiple products. The updates also include fixes for Log4j and Spring Framework vulnerabilities.

Cyber actors continue to exploit Log4Shell vulnerability (CVE-2021-44228) in VMware Horizon Systems (updated)

Cybersecurity Attacks, Malware, Vulnerabilities & Exploits / By Frank Crast / July 20, 2022 / APT, Aquatic Panda, CGCYBER, CISA, CVE-2021-44228, Cybersecurity Threat Center, Deep Panda, Log4j, log4Shell, UAG

The Cybersecurity and Infrastructure Security Agency (CISA) warns cyber actors continue to exploit Log4Shell vulnerability (CVE-2021-44228) in VMware Horizon Systems.

Millions of Java apps still vulnerable to Log4Shell

Vulnerabilities & Exploits / By Frank Crast / April 29, 2022 / Apache, CVE-2021-44228, Log4j, log4Shell, Rezilion

Researchers have found millions of Java applications still vulnerable in the wild to the infamous Log4Shell vulnerability CVE-2021-44228, more than four months after the severe flaw was discovered.

Deep Panda APT group launches new attacks against Log4Shell vulnerability to install Fire Chili rootkits

Cybersecurity Attacks, Malware, Vulnerabilities & Exploits / By Frank Crast / April 2, 2022 / APT, CVE-2021-44228, Deep Panda, FortiLabs, Log4j, log4Shell

In the past month, researchers from FortiLabs have detected a new cyber campaign involving Chinese Advanced Persistent Threat (APT) group Deep Panda that has exploited the Log4Shell (log4j) vulnerability CVE-2021-44228 on vulnerable VMware Horizon servers to install digitally signed Fire Chili rootkits.

Log4j

Top 12 Most Routinely Exploited vulnerabilities in 2022

CISA Adds TP-Link, Apache Log4j2 and Oracle WebLogic Vulnerabilities To Known Exploited Vulnerabilities Catalog

Oracle Critical Patch Update for July 2022

Cyber actors continue to exploit Log4Shell vulnerability (CVE-2021-44228) in VMware Horizon Systems (updated)

Millions of Java apps still vulnerable to Log4Shell

Deep Panda APT group launches new attacks against Log4Shell vulnerability to install Fire Chili rootkits

SAP March 2022 Security Patch Day addresses 2 new Critical vulnerabilities

SAP February 2022 Security Patch Day addresses Critical log4j and ICMAD vulnerabilities

SAP January 2022 Security Patch Day addresses Critical and High risk vulnerabilities

Threat hunters discover Aquatic Panda Log4Shell exploit attempts