Tracking the Log4shell vulnerability.
Since the Log4shell vulnerability was discovered, the CyberWire team has been tracking the news, industry reaction, and responses by governments as things unfolded. The story is still in progress, but you can find our extensive coverage to-date in these CyberWire Pro stories:
- Log4shell is now undergoing active exploitation (Dec 14, 2021)
- Log4j vulnerabilities at midweek. (Dec 15, 2021)
- Log4shell: exploitation and remediation. (Dec 16, 2021)
- Log4j: Where's Fancy Bear been? Right there, choppin' lumber… (Dec 17, 2021)
- Log4j update: risk assessed, denial-of-service bug fixed, and advice for boards. (Dec 20, 2021).
- Log4j update: more crime, and a Five Eyes advisory. (Dec 22, 2021).
Be sure to visit our website to get the latest, as we track this critical vulnerability.