ZDNet

Log4j: How hackers are using the flaw to deliver this new 'modular' backdoor

Iran-backed hacking group Phosphorous or APT35 is using the Log4j vulnerability to distribute a new modular PowerShell toolkit, according to security firm Check Point. APT35 is one of several ...
Dark Reading

The Log4j Flaw Will Take Years to Be Fully Addressed

More than 80% of Java packages affected by the vulnerability in the Apache Log4j library cannot be updated directly and will require coordination between different project teams to address the flaw. A ...
Dark Reading

Log4j Remediation Rules Now Available for WhiteSource Renovate and Enterprise

TEL AVIV, Israel and BOSTON, Jan. 4, 2022 /PRNewswire/ -- WhiteSource, a leader in open source security and management, today announced that a Log4j remediation preset is now included in both its ...