Tracking the Log4shell vulnerability.
Since the Log4shell vulnerability was discovered, the CyberWire team has been tracking the news, industry reaction, and responses by governments as things unfolded. The story is still in progress, but you can find our extensive coverage to-date in these CyberWire Pro stories:
- Log4shell is now undergoing active exploitation (December 14th, 2021)
- Log4j vulnerabilities at midweek. (December 15th, 2021)
- Log4shell: exploitation and remediation. (December 16th, 2021)
- Log4j: Where's Fancy Bear been? Right there, choppin' lumber… (December 17th, 2021)
- Log4j update: risk assessed, denial-of-service bug fixed, and advice for boards. (December 20th, 2021).
- Log4j update: more crime, and a Five Eyes advisory. (December 22nd, 2021).
- Log4j update: a Federal deadline, Conti sightings, and the scanning challenge. (December 23rd, 2021).
Be sure to visit our website to get the latest, as we track this critical vulnerability.