log4shell – Computer Security Articles

2022’s most routinely exploited vulnerabilities—history repeats

August 7, 2023 admin atlassian, cve-2021-13379, cve-2021-26084, cve-2021-31207, cve-2021-34473, cve-2021-34523, cve-2021-40539, cve-2021-44228, cve-2022-1388, cve-2022-22954, cve-2022-22960, cve-2022-26134, cve-2022-30190, Exploits and vulnerabilities, follina, log4shell, news, proxyshell, zoho manageengine

Categories: Exploits and vulnerabilities

Categories: News

Tags: Zoho ManageEngine

Tags: CVE-2021-40539

Tags: Log4Shell

Tags: CVE-2021-44228

Tags: CVE-2021-13379

Tags: ProxyShell

Tags: CVE-2021-34473

Tags: CVE-2021-31207

Tags: CVE-2021-34523

Tags: CVE-2021-26084

Tags: Atlassian

Tags: CVE-2022-22954

Tags: CVE-2022-22960

Tags: CVE-2022-26134

Tags: CVE-2022-1388

Tags: CVE-2022-30190

Tags: Follina

What can the routinely exploited vulnerabilities of 2022 tell us, and what do we think will make it on to next year’s list?

MalwareBytes Security

Why Log4Text is not another Log4Shell

October 19, 2022 admin Apache, commons text, cve-2022-42889, Exploits and vulnerabilities, interpolators, log4j, log4shell, log4text, news

Categories: Exploits and vulnerabilities

Categories: News

Tags: Log4Text

Tags: Apache

Tags: Commons Text

Tags: CVE-2022-42889

Tags: Log4j

Tags: Log4Shell

Tags: interpolators

Log4Text is a recently found vulnerability in Apache Commons. Log4Text provoked a knee jerk reaction because it reminds us of Log4Shell. So should we worry?

(Read more…)

The post Why Log4Text is not another Log4Shell appeared first on Malwarebytes Labs.

MalwareBytes Security

Researchers found one-click exploits in Discord and Teams

August 15, 2022 admin discord, electron, electronjs, Exploits and vulnerabilities, log4j, log4shell, microsoftteams, news, NodeJS, Spotify, v8 chrome

Categories: Exploits and vulnerabilities

Categories: News

Tags: Discord

Tags: Spotify

Tags: MicrosoftTeams

Tags: Electron

Tags: ElectronJS

Tags: NodeJS

Tags: V8 Chrome

Tags: Log4Shell

Tags: Log4j

A group of security researchers found a series of vulnerabilities in the software underlying popular apps like Discord, Microsoft Teams, and many others

MalwareBytes Security

A week in security (June 27 – July 3)

July 4, 2022 admin a week in security, amazon photos, AMD, astralocker, evilnum, hermit, log4shell, omegle, raccoon stealer, ransomhouse, ransomware, ytstealer, zuorat

Credit to Author: Malwarebytes Labs| Date: Mon, 04 Jul 2022 10:04:58 +0000

The most important and interesting computer security stories from the last week.

The post A week in security (June 27 – July 3) appeared first on Malwarebytes Labs.

MalwareBytes Security

CISA Log4Shell warning: Patch VMware Horizon installations immediately

June 27, 2022 admin exploit, Exploits and vulnerabilities, log4shell, Malwarebytes news, VMware, Vulnerability

Credit to Author: Christopher Boyd| Date: Mon, 27 Jun 2022 09:54:58 +0000

CISA warns of log4shell being actively exploited to compromise VMware Horizon systems. We take a look at their warning.

The post CISA Log4Shell warning: Patch VMware Horizon installations immediately appeared first on Malwarebytes Labs.

MalwareBytes Security

The top 5 most routinely exploited vulnerabilities of 2021

April 29, 2022 admin cisa, confluence, cve-2021-26084, cve-2021-26857, cve-2021-26858, cve-2021-27065, cve-2021-31207, cve-2021-34473, cve-2021-34523, cve-2021-40539, cve-2021-44228, cve-26855, Exploits and vulnerabilities, log4shell, microsoft exchange server, ognl, proxylogon, proxyshell, zoho manageengine

Credit to Author: Pieter Arntz| Date: Fri, 29 Apr 2022 16:28:20 +0000

International cybersecurity authorities have published an overview of the most routinely exploited vulnerabilities of 2021.

The post The top 5 most routinely exploited vulnerabilities of 2021 appeared first on Malwarebytes Labs.

Security Sophos

Log4Shell: How the Attackers’ Faces Have Changed Over Time

February 2, 2022 admin exploit, Featured, log4j, log4shell, security operations, threat research, Vulnerability

Credit to Author: Chester Wisniewski| Date: Wed, 02 Feb 2022 09:34:16 +0000

Following an article on January 24, 2022 of Log4Shell scanning and attack detections since the bug was reported, Sophos addresses reader questions about who’s behind it all

Security Sophos

Log4Shell: No Mass Abuse, But No Respite, What Happened?

February 2, 2022 admin exploit, Featured, log4j, log4shell, mtr, security operations, threat research, Vulnerability

Credit to Author: Chester Wisniewski| Date: Mon, 24 Jan 2022 17:52:07 +0000

Sophos reviews the scanning and attack detections for Log4Shell to see what’s really going on