Last week, Minecraft was hit by perhaps the worst exploit ever seen, which is saying something for a game that's over a decade old. This exploit, if performed correctly, allowed malicious players to ...

Of all the security issues that have appeared over the last few years, none has had the impact of the Log4j exploit. Also called the Log4Shell, it was reported to the developers, the Apache Software ...

We explore a far-reaching, real-world exploit with damaging implications in this edition of SecurityWatch. I review privacy tools like hardware security keys, password managers, private messaging apps ...

‘We’re discovering new apps every minute which use Log4j in one way or another. It affects not only the code you build, but also the third-party systems you have in place,’ writes Tenable CTO Renaud ...

The vulnerability allows remote code execution on servers, including those operated by Apple, Twitter, Valve, Tencent, and other major service providers. I've been writing about tech, including ...

米Microsoft傘下のMojangは12月10日（現地時間）、「Minecraft: Java Edition」の最新版v1.18.1を公開した。ロギングライブラリ「Apache Log4j」で発見された任意コード実行の脆弱性（CVE-2021-44228）に対処したセキュリティアップデートとなっており、早急なアップデートが ...

さまざまなプログラムに使われているJavaのログ出力ライブラリ「Log4j」にリモートコード実行のゼロデイ脆弱(ぜいじゃく)性「Log4Shell(CVE-2021-44228)」が2021年12月10日に発覚し、大きな混乱を呼んでいます。Log4jをリリースするApacheは脆弱性を解決したバージョン ...

Javaで使われるログ出力ライブラリ「Apache Log4j」に悪意のある文字列を記録させることで、任意のリモートコードを実行できるようになる（Remote Code Execution, RCE）、ゼロデイ脆弱性があることが12月10日に分かった。広範囲に影響が及ぶ可能性があることから ...

Iran-backed hacking group Phosphorous or APT35 is using the Log4j vulnerability to distribute a new modular PowerShell toolkit, according to security firm Check Point. APT35 is one of several ...

Swedish video game developer Mojang Studios has released an emergency Minecraft security update to address a critical bug in the Apache Log4j Java logging library used by the game's Java Edition ...