Security Experts Sound Alarm on Zero-Day in Widely Used Log4j Tool

[TechWeb]( Follow Dark Reading: [RSS]( December 13, 2021 LATEST SECURITY NEWS & COMMENTARY [Security Experts Sound Alarm on Zero-Day in Widely Used Log4j Tool]( A remote code execution vulnerability in Log4j presents a bigger threat to organizations than even the infamous 2017 Apache Struts vulnerability that felled Equifax, they say. [The Vulnerability Lag: Cut Ransomware Risks Resulting From Digital Transformation]( Exploring ransomware and other data integrity risks from accelerated digital transformation in the wake of COVID-19. [Russian National Sentenced for Role in Kelihos Botnet]( Oleg Koshkin was sentenced for running a crypting service used to hide the Kelihos malware from antivirus software. [MORE NEWS /]( [MORE COMMENTARY]( HOT TOPICS [Emotet Is Back and More Dangerous Than Before]( Volume of traffic associated with the malware is now back at 50% of the volume before law enforcement took the botnet operation down in January 2021, security vendor says. [Virtual-Network Vulnerability Found in AWS, Other Clouds]( The privilege-escalation flaws affect Amazon WorkSpaces and more than a dozen services that use a particular implementation of USB over Ethernet. [The Dark Web Has Its Own People's Court]( Many underground forums have processes for arbitrating disputes between cybercriminals. [MORE]( EDITORS' CHOICE [Dark Reading Reflects on a Legacy and Life Well-Written: Tim Wilson]( The Dark Reading editorial team, along with contributing writers and editors, share their favorite stories and memories of co-founder and editor-in-chief Tim Wilson, an influential editor and well-respected thought leader in the cybersecurity industry. LATEST FROM DR TECHNOLOGY [What to Do While Waiting for the Log4J Updates]( This Tech Tip outlines how enterprise defenders can mitigate the risks of the Log4j vulnerabilities for the short-term while waiting for updates. LATEST FROM THE EDGE [NIST Cyber-Resiliency Framework Extended to Include Critical Infrastructure Controls]( The latest NIST publication outlines how organizations can build systems that can anticipate, withstand, recover from, and adapt to cyberattacks. Tech Resources - [Zero Trust and the Power of Isolation for Threat Prevention]( - [Zero Trust in Real Life]( - [Protecting Your Mainframe Against Relentless Ransomware]( - [2021 Ransomware Threat Report]( - [Questions to Ask in Evaluating a Deception-Based Cybersecurity Solution]( - [State of Encrypted Attacks]( - [Why IT leaders Should Consider a Zero-Trust Network Access Strategy]( [ACCESS TECH LIBRARY NOW]( - [Beyond Spam and Phishing: Emerging Email-based Threats]( Even as enterprises adopt real-time messaging tools and platforms, email remains the hub of enterprise communications. Adversaries are increasingly targeting the enterprise email inbox, and security teams need to look further than just spam and phishing attacks. In this webinar, ... - [Cloud Security Strategies for Today's Enterprises]( The typical enterprise relies on dozens, even hundreds, of cloud applications and services sprawled across different platforms and service providers. Security teams need to shoulder the responsibility of coordinating security and incident response and not leave it up to individual ... [MORE WEBINARS]( FEATURED REPORTS - [10 Hot Talks From Black Hat USA 2021]( - [Enterprise Cybersecurity Plans in a Post-Pandemic World]( As the COVID-19 pandemic eases, IT security threats and the challenges involved in responding to them are trending upward. Security leaders expect that cyberattacks like ransomware, phishing, and malware will increase even as the pandemic eventually recedes. Download the Dark ... [MORE REPORTS]( CURRENT ISSUE [How Data Breaches Affect the Enterprise]( [DOWNLOAD THIS ISSUE]( [SUBSCRIBE NOW]( [BACK ISSUES]( | [MUST READS]( | [TECH DIGEST]( PRODUCTS & RELEASES [Broadcom Inc. Announces $10 Billion Share Repurchase Authorization]( [LastPass Announces New Integration with Google Workspace]( [The Executive Women's Forum on Information Security, Risk Management & Privacy Presents the Leadership Scholarship]( [MORE PRODUCTS & RELEASES]( Dark Reading Daily -- Published By [Dark Reading]( Informa Tech 303 Second St., Suite 900 South Tower, San Francisco, CA 94107 To update your profile, change your e-mail address, or unsubscribe, [click here.]( To opt-out of any future Dark Reading Daily Newsletter emails, please respond [here.]( Thoughts about this newsletter? [Give us feedback.](mailto:customerservice_informationhub@techweb.com) Keep This Newsletter Out Of Your SPAM Folder Don't let future editions go missing. Take a moment to add the newsletter's address to your anti-spam white list: If you're not sure how to do that, ask your administrator or ISP. Or check your anti-spam utility's documentation. We take your privacy very seriously. Please review our [Privacy Statement.]( [© 2021]( | [Informa Tech]( | [Privacy Statement]( | [Terms & Conditions]( | [Contact Us](mailto:customerservice_informationhub@techweb.com)