Security pros say it's one of the worst computer vulnerabilities they've ever seen. Firms including Microsoft say state-backed Chinese and Iranian hackers and rogue cryptocurrency miners have already ...

Microsoft has warned Windows and Azure customers to remain vigilant after observing state-sponsored and cyber-criminal attackers probing systems for the Log4j 'Log4Shell' flaw through December.

Microsoft announced it has rolled out new capabilities in its Defender for Containers and Microsoft 365 Defender offerings for identifying and remediating the widespread vulnerabilities in Apache ...

Threat actors have revived an old and relatively inactive ransomware family known as TellYouThePass, deploying it in attacks against Windows and Linux devices targeting a critical remote code ...

Want smarter insights in your inbox? Sign up for our weekly newsletters to get only what matters to enterprise AI, data, and security leaders. Subscribe Now Microsoft has become the second security ...

Microsoft says it’s only going to get worse: It’s seen state-sponsored and cyber-criminal attackers probing systems for the Log4Shell flaw through the end of December. No surprise here: The holidays ...

In brief: Microsoft has announced updates for cloud-based versions of its security software to fight the Log4j vulnerability. Log4j has mostly been patched but can still affect some servers that could ...

SolarWinds has patched a new Serv-U vulnerability discovered by Microsoft that threat actors attempted to use to propagate Log4j attacks to internal LDAP servers. Serv-U can be configured to ...

Just in time for the holidays, the Log4j vulnerabilities sent IT and security teams into a panic early last month. The Apache Foundation has since fixed the bugs and issued patches. So the onus is now ...

Open-source software is everywhere now, but the Log4j flaw that affects Java enterprise applications is a reminder of what can go wrong in the complicated modern software supply chain. The challenge ...