{"id":44420,"date":"2021-12-14T10:29:23","date_gmt":"2021-12-14T10:29:23","guid":{"rendered":"http:\/\/620d6eec-48c3-4f4f-bc69-f3560afab58a"},"modified":"2021-12-14T10:29:23","modified_gmt":"2021-12-14T10:29:23","slug":"log4j-flaw-puts-hundreds-of-millions-of-devices-at-risk-says-us-cybersecurity-agency","status":"publish","type":"post","link":"https:\/\/www.threatshub.org\/blog\/log4j-flaw-puts-hundreds-of-millions-of-devices-at-risk-says-us-cybersecurity-agency\/","title":{"rendered":"Log4j flaw puts hundreds of millions of devices at risk, says US cybersecurity agency"},"content":{"rendered":"<div><img decoding=\"async\" src=\"https:\/\/www.zdnet.com\/a\/img\/resize\/ae766ae0dd8467f3256834c82bda77d7520b583b\/2021\/07\/09\/cccbfe1d-b069-4319-9be8-8ce2b465bf27\/frustrated-woman-at-a-computer-in-an-office.jpg?width=770&amp;height=578&amp;fit=crop&amp;auto=webp\" class=\"ff-og-image-inserted\"><\/div>\n<p>Top US government cybersecurity officials fear advanced hackers will have a field day with the Log4j vulnerability that&#8217;s likely present in hundreds of millions of devices.&nbsp; <\/p>\n<p>Security experts are already&nbsp;<a href=\"https:\/\/www.zdnet.com\/article\/log4j-flaw-attackers-are-making-thousands-of-attempts-to-exploit-this-severe-vulnerability\/\">seeing widespread scanning<\/a> for the Log4j vulnerability (also dubbed &#8216;Log4Shell&#8217;) on internet-connected devices running vulnerable versions of Log4j version 2, which have been under attack since December 1, although the bug became common knowledge on&nbsp;<a href=\"https:\/\/www.zdnet.com\/article\/security-warning-new-zero-day-in-the-log4j-java-library-is-already-being-exploited\/\">December 9<\/a>.&nbsp; <\/p>\n<p><a href=\"http:\/\/v\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" data-component=\"externalLink\">So far, Microsoft has seen<\/a> attackers compromise machines to install coin miners, the Cobalt Strike pen-testing framework to enable credential theft and lateral movement, and exfiltration of data from compromised systems. <\/p>\n<hr>\n<h3> LOG4J FLAW COVERAGE &#8211; WHAT YOU NEED TO KNOW NOW <\/h3>\n<hr>\n<p>These attacks appear to be opportunistic cyber-criminal activity thanks to its ease of exploitation, but top officials at the US Department of Homeland Security&#8217;s Cybersecurity and Infrastructure Security Agency (CISA) fear &#8220;sophisticated actors&#8221; will also pounce on the bug soon.&nbsp; <\/p>\n<p>&#8220;This vulnerability is one of the most serious that I&#8217;ve seen in my entire career, if not the most serious,&#8221; <a href=\"https:\/\/edition.cnn.com\/2021\/12\/13\/politics\/us-warning-software-vulnerability\/\" target=\"_blank\" rel=\"noopener noreferrer\" data-component=\"externalLink\">Jen Easterly, director of CISA said in a call shared with CNN<\/a>. Easterly has spent 20 years in various federal cybersecurity roles. <\/p>\n<p>&#8220;We expect the vulnerability to be widely exploited by sophisticated actors and we have limited time to take necessary steps in order to reduce the likelihood of damage,&#8221; she said. The call, with US critical infrastructure owners and operators, <a href=\"https:\/\/www.cyberscoop.com\/log4j-cisa-easterly-most-serious\/\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" data-component=\"externalLink\">was first reported by CyberScoop<\/a>. &nbsp; <\/p>\n<p>Jay Gazlay of CISA&#8217;s vulnerability management office warned that hundreds of millions of devices are likely to be affected. <\/p>\n<section class=\"sharethrough-top placeholder\"> <\/section>\n<p>Log4J is a popular Java library for logging error messages in applications. It&#8217;s vulnerable to a critical flaw, tracked as <a href=\"https:\/\/cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2021-44228\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" data-component=\"externalLink\">CVE-2021-44228<\/a>, that lets any remote attacker take control of another device on the internet, if it&#8217;s running Log4J versions 2.0 to 2.14.1.&nbsp; <\/p>\n<div class=\"relatedContent alignRight\">\n<h3 class=\"heading\"> <span class=\"int\">ZDNet Recommends<\/span> <\/h3>\n<\/p><\/div>\n<p>The remotely exploitable flaw is <a href=\"https:\/\/www.zdnet.com\/article\/log4j-zero-day-flaw-what-you-need-to-know-and-how-to-protect-yourself\/\">present in hundreds of major enterprise products<\/a>, from the likes of Oracle, Cisco, RedHat, IBM, VMware and Splunk, and cloud features from Amazon Web Services and Microsoft Azure, as well as security appliances and developer tools. Google Cloud is <a href=\"https:\/\/cloud.google.com\/log4j2-security-advisory\" target=\"_blank\" rel=\"noopener noreferrer\" data-component=\"externalLink\">investigating<\/a> the impact of the Log4j bug on its products and services, and is working with VMware to deploy fixes to the Google Cloud VMware Engine. Google has updated WAF rules to <a href=\"https:\/\/cloud.google.com\/blog\/products\/identity-security\/cloud-armor-waf-rule-to-help-address-apache-log4j-vulnerability\" target=\"_blank\" rel=\"noopener noreferrer\" data-component=\"externalLink\">defend against Log4j attacks<\/a>. &nbsp; <\/p>\n<p>The Apache Software Foundation has released version 2.15.0 to address the flaw, but product vendors still need to apply the fix in their products and then end-user customers need to update their devices once their vendor&#8217;s fix becomes available.&nbsp; &nbsp; &nbsp; &nbsp; &nbsp;&nbsp; <\/p>\n<p>The flaw highlights known risks arising from software supply chains when a key piece of software is used within multiple products across multiple vendors and deployed by their customers around the world. <\/p>\n<hr>\n<h3> LOG4J FLAW COVERAGE &#8211; HOW TO KEEP YOUR COMPANY SAFE <\/h3>\n<hr>\n<p>It&#8217;s not a simple fix to address all vulnerable devices. As <a href=\"https:\/\/isc.sans.edu\/forums\/diary\/Log4j+Log4Shell+Followup+What+we+see+and+how+to+defend+and+how+to+access+our+data\/28122\/\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" data-component=\"externalLink\">Sans Internet Storm Center notes<\/a>: &#8220;There is no generic &#8216;log4j2&#8217; patch to patch everything. In some cases, vendors including Log4j, need to patch their software to include the new version.&#8221; <\/p>\n<p><a href=\"https:\/\/www.rapid7.com\/blog\/post\/2021\/12\/10\/widespread-exploitation-of-critical-remote-code-execution-in-apache-log4j\/\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" data-component=\"externalLink\">Rapid7 had a similar warning<\/a>: &#8220;Organizations should be prepared for a continual stream of downstream advisories from third-party software producers who include Log4j among their dependencies.&#8221; <\/p>\n<p><strong>SEE: <\/strong><a href=\"https:\/\/www.zdnet.com\/article\/hackers-are-turning-to-this-simple-technique-to-install-their-malware-on-pcs\/#link=%7B%22linkText%22:%22Hackers%20are%20turning%20to%20this%20simple%20technique%20to%20install%20their%20malware%20on%20PCs%22,%22target%22:%22_blank%22,%22href%22:%22https:\/\/www.zdnet.com\/article\/hackers-are-turning-to-this-simple-technique-to-install-their-malware-on-pcs\/%22,%22role%22:%22standard%22,%22absolute%22:%22%22%7D\"><strong>Hackers are turning to this simple technique to install their malware on PCs<\/strong><\/a> <\/p>\n<p>Rapid7 <a href=\"https:\/\/www.rapid7.com\/blog\/post\/2021\/12\/14\/update-on-log4shells-impact-on-rapid7-solutions-and-systems\/\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" data-component=\"externalLink\">itself has been investigating its products&#8217; exposure to the Log4j bug<\/a>&nbsp;and has deployed server-side fixes for several affected products.&nbsp; <\/p>\n<p>Historically slow uptake of new security patches means attackers will likely have months if not years to find and exploit vulnerable devices, <a href=\"https:\/\/www.zdnet.com\/article\/log4j-update-experts-say-log4shell-exploits-will-persist-for-months-if-not-years\/\">security experts warned this week<\/a>.&nbsp; <\/p>\n<p>The Log4j bug is internet-wide, prompting advisories from <a href=\"https:\/\/www.cyber.gov.au\/acsc\/view-all-content\/alerts\/critical-remote-code-execution-vulnerability-found-apache-log4j2-library\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" data-component=\"externalLink\">Australia<\/a>,&nbsp;<a href=\"https:\/\/www.zdnet.com\/article\/security-warning-new-zero-day-in-the-log4j-java-library-is-already-being-exploited\/\">New Zealand<\/a>, Canada, the UK, <a href=\"https:\/\/www.cert.se\/2021\/12\/kritisk-sarbarhet-i-apache-log4j\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" data-component=\"externalLink\">Sweden<\/a>, <a href=\"https:\/\/www.bsi.bund.de\/DE\/Themen\/Unternehmen-und-Organisationen\/Informationen-und-Empfehlungen\/Empfehlungen-nach-Angriffszielen\/Webanwendungen\/log4j\/log4j_node.html\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" data-component=\"externalLink\">Germany<\/a>, <a href=\"https:\/\/www.csa.gov.sg\/en\/singcert\/Alerts\/al-2021-070\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" data-component=\"externalLink\">Singapore<\/a>, and elsewhere. Canada&#8217;s Revenue Agency took some services offline on Friday after learning of the flaw, <a href=\"https:\/\/www.cbc.ca\/news\/politics\/canada-revenue-agency-other-government-departments-take-some-services-offline-due-to-security-vulnerability-1.6283556\" target=\"_blank\" rel=\"noopener noreferrer nofollow\" data-component=\"externalLink\">according to CBC<\/a>. &nbsp; <\/p>\n<p> READ MORE <a href=\"https:\/\/www.zdnet.com\/article\/log4j-flaw-puts-hundreds-of-millions-of-devices-at-risk-says-us-cybersecurity-agency\/#ftag=RSSbaffb68\">HERE<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>US cybersecurity officials stress how complicated fixing the Log4j vulnerability will be.<br \/>\nREAD MORE HERE&#8230;<\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"colormag_page_layout":"default_layout","footnotes":""},"categories":[62],"tags":[],"class_list":["post-44420","post","type-post","status-publish","format-standard","hentry","category-zdnet-security"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v26.8 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Log4j flaw puts hundreds of millions of devices at risk, says US cybersecurity agency 2026 | ThreatsHub Cybersecurity News<\/title>\n<meta name=\"description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.threatshub.org\/blog\/log4j-flaw-puts-hundreds-of-millions-of-devices-at-risk-says-us-cybersecurity-agency\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Log4j flaw puts hundreds of millions of devices at risk, says US cybersecurity agency 2026 | ThreatsHub Cybersecurity News\" \/>\n<meta property=\"og:description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.threatshub.org\/blog\/log4j-flaw-puts-hundreds-of-millions-of-devices-at-risk-says-us-cybersecurity-agency\/\" \/>\n<meta property=\"og:site_name\" content=\"ThreatsHub Cybersecurity News\" \/>\n<meta property=\"article:published_time\" content=\"2021-12-14T10:29:23+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.zdnet.com\/a\/img\/resize\/ae766ae0dd8467f3256834c82bda77d7520b583b\/2021\/07\/09\/cccbfe1d-b069-4319-9be8-8ce2b465bf27\/frustrated-woman-at-a-computer-in-an-office.jpg?width=770&amp;height=578&amp;fit=crop&amp;auto=webp\" \/>\n<meta name=\"author\" content=\"TH Author\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@threatshub\" \/>\n<meta name=\"twitter:site\" content=\"@threatshub\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"TH Author\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"3 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/www.threatshub.org\/blog\/log4j-flaw-puts-hundreds-of-millions-of-devices-at-risk-says-us-cybersecurity-agency\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/www.threatshub.org\/blog\/log4j-flaw-puts-hundreds-of-millions-of-devices-at-risk-says-us-cybersecurity-agency\/\"},\"author\":{\"name\":\"TH Author\",\"@id\":\"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476\"},\"headline\":\"Log4j flaw puts hundreds of millions of devices at risk, says US cybersecurity agency\",\"datePublished\":\"2021-12-14T10:29:23+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/www.threatshub.org\/blog\/log4j-flaw-puts-hundreds-of-millions-of-devices-at-risk-says-us-cybersecurity-agency\/\"},\"wordCount\":678,\"publisher\":{\"@id\":\"https:\/\/www.threatshub.org\/blog\/#organization\"},\"image\":{\"@id\":\"https:\/\/www.threatshub.org\/blog\/log4j-flaw-puts-hundreds-of-millions-of-devices-at-risk-says-us-cybersecurity-agency\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/www.zdnet.com\/a\/img\/resize\/ae766ae0dd8467f3256834c82bda77d7520b583b\/2021\/07\/09\/cccbfe1d-b069-4319-9be8-8ce2b465bf27\/frustrated-woman-at-a-computer-in-an-office.jpg?width=770&amp;height=578&amp;fit=crop&amp;auto=webp\",\"articleSection\":[\"ZDNet | Security\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.threatshub.org\/blog\/log4j-flaw-puts-hundreds-of-millions-of-devices-at-risk-says-us-cybersecurity-agency\/\",\"url\":\"https:\/\/www.threatshub.org\/blog\/log4j-flaw-puts-hundreds-of-millions-of-devices-at-risk-says-us-cybersecurity-agency\/\",\"name\":\"Log4j flaw puts hundreds of millions of devices at risk, says US cybersecurity agency 2026 | ThreatsHub Cybersecurity News\",\"isPartOf\":{\"@id\":\"https:\/\/www.threatshub.org\/blog\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/www.threatshub.org\/blog\/log4j-flaw-puts-hundreds-of-millions-of-devices-at-risk-says-us-cybersecurity-agency\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/www.threatshub.org\/blog\/log4j-flaw-puts-hundreds-of-millions-of-devices-at-risk-says-us-cybersecurity-agency\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/www.zdnet.com\/a\/img\/resize\/ae766ae0dd8467f3256834c82bda77d7520b583b\/2021\/07\/09\/cccbfe1d-b069-4319-9be8-8ce2b465bf27\/frustrated-woman-at-a-computer-in-an-office.jpg?width=770&amp;height=578&amp;fit=crop&amp;auto=webp\",\"datePublished\":\"2021-12-14T10:29:23+00:00\",\"description\":\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\",\"breadcrumb\":{\"@id\":\"https:\/\/www.threatshub.org\/blog\/log4j-flaw-puts-hundreds-of-millions-of-devices-at-risk-says-us-cybersecurity-agency\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.threatshub.org\/blog\/log4j-flaw-puts-hundreds-of-millions-of-devices-at-risk-says-us-cybersecurity-agency\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.threatshub.org\/blog\/log4j-flaw-puts-hundreds-of-millions-of-devices-at-risk-says-us-cybersecurity-agency\/#primaryimage\",\"url\":\"https:\/\/www.zdnet.com\/a\/img\/resize\/ae766ae0dd8467f3256834c82bda77d7520b583b\/2021\/07\/09\/cccbfe1d-b069-4319-9be8-8ce2b465bf27\/frustrated-woman-at-a-computer-in-an-office.jpg?width=770&amp;height=578&amp;fit=crop&amp;auto=webp\",\"contentUrl\":\"https:\/\/www.zdnet.com\/a\/img\/resize\/ae766ae0dd8467f3256834c82bda77d7520b583b\/2021\/07\/09\/cccbfe1d-b069-4319-9be8-8ce2b465bf27\/frustrated-woman-at-a-computer-in-an-office.jpg?width=770&amp;height=578&amp;fit=crop&amp;auto=webp\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.threatshub.org\/blog\/log4j-flaw-puts-hundreds-of-millions-of-devices-at-risk-says-us-cybersecurity-agency\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/www.threatshub.org\/blog\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Log4j flaw puts hundreds of millions of devices at risk, says US cybersecurity agency\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.threatshub.org\/blog\/#website\",\"url\":\"https:\/\/www.threatshub.org\/blog\/\",\"name\":\"ThreatsHub Cybersecurity News\",\"description\":\"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform\",\"publisher\":{\"@id\":\"https:\/\/www.threatshub.org\/blog\/#organization\"},\"alternateName\":\"Threatshub.org\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.threatshub.org\/blog\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/www.threatshub.org\/blog\/#organization\",\"name\":\"ThreatsHub.org\",\"alternateName\":\"Threatshub.org\",\"url\":\"https:\/\/www.threatshub.org\/blog\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg\",\"contentUrl\":\"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg\",\"width\":432,\"height\":435,\"caption\":\"ThreatsHub.org\"},\"image\":{\"@id\":\"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/\"},\"sameAs\":[\"https:\/\/x.com\/threatshub\"]},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476\",\"name\":\"TH Author\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"caption\":\"TH Author\"}}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Log4j flaw puts hundreds of millions of devices at risk, says US cybersecurity agency 2026 | ThreatsHub Cybersecurity News","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.threatshub.org\/blog\/log4j-flaw-puts-hundreds-of-millions-of-devices-at-risk-says-us-cybersecurity-agency\/","og_locale":"en_US","og_type":"article","og_title":"Log4j flaw puts hundreds of millions of devices at risk, says US cybersecurity agency 2026 | ThreatsHub Cybersecurity News","og_description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","og_url":"https:\/\/www.threatshub.org\/blog\/log4j-flaw-puts-hundreds-of-millions-of-devices-at-risk-says-us-cybersecurity-agency\/","og_site_name":"ThreatsHub Cybersecurity News","article_published_time":"2021-12-14T10:29:23+00:00","og_image":[{"url":"https:\/\/www.zdnet.com\/a\/img\/resize\/ae766ae0dd8467f3256834c82bda77d7520b583b\/2021\/07\/09\/cccbfe1d-b069-4319-9be8-8ce2b465bf27\/frustrated-woman-at-a-computer-in-an-office.jpg?width=770&amp;height=578&amp;fit=crop&amp;auto=webp","type":"","width":"","height":""}],"author":"TH Author","twitter_card":"summary_large_image","twitter_creator":"@threatshub","twitter_site":"@threatshub","twitter_misc":{"Written by":"TH Author","Est. reading time":"3 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.threatshub.org\/blog\/log4j-flaw-puts-hundreds-of-millions-of-devices-at-risk-says-us-cybersecurity-agency\/#article","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/log4j-flaw-puts-hundreds-of-millions-of-devices-at-risk-says-us-cybersecurity-agency\/"},"author":{"name":"TH Author","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476"},"headline":"Log4j flaw puts hundreds of millions of devices at risk, says US cybersecurity agency","datePublished":"2021-12-14T10:29:23+00:00","mainEntityOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/log4j-flaw-puts-hundreds-of-millions-of-devices-at-risk-says-us-cybersecurity-agency\/"},"wordCount":678,"publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/log4j-flaw-puts-hundreds-of-millions-of-devices-at-risk-says-us-cybersecurity-agency\/#primaryimage"},"thumbnailUrl":"https:\/\/www.zdnet.com\/a\/img\/resize\/ae766ae0dd8467f3256834c82bda77d7520b583b\/2021\/07\/09\/cccbfe1d-b069-4319-9be8-8ce2b465bf27\/frustrated-woman-at-a-computer-in-an-office.jpg?width=770&amp;height=578&amp;fit=crop&amp;auto=webp","articleSection":["ZDNet | Security"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.threatshub.org\/blog\/log4j-flaw-puts-hundreds-of-millions-of-devices-at-risk-says-us-cybersecurity-agency\/","url":"https:\/\/www.threatshub.org\/blog\/log4j-flaw-puts-hundreds-of-millions-of-devices-at-risk-says-us-cybersecurity-agency\/","name":"Log4j flaw puts hundreds of millions of devices at risk, says US cybersecurity agency 2026 | ThreatsHub Cybersecurity News","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/log4j-flaw-puts-hundreds-of-millions-of-devices-at-risk-says-us-cybersecurity-agency\/#primaryimage"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/log4j-flaw-puts-hundreds-of-millions-of-devices-at-risk-says-us-cybersecurity-agency\/#primaryimage"},"thumbnailUrl":"https:\/\/www.zdnet.com\/a\/img\/resize\/ae766ae0dd8467f3256834c82bda77d7520b583b\/2021\/07\/09\/cccbfe1d-b069-4319-9be8-8ce2b465bf27\/frustrated-woman-at-a-computer-in-an-office.jpg?width=770&amp;height=578&amp;fit=crop&amp;auto=webp","datePublished":"2021-12-14T10:29:23+00:00","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","breadcrumb":{"@id":"https:\/\/www.threatshub.org\/blog\/log4j-flaw-puts-hundreds-of-millions-of-devices-at-risk-says-us-cybersecurity-agency\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.threatshub.org\/blog\/log4j-flaw-puts-hundreds-of-millions-of-devices-at-risk-says-us-cybersecurity-agency\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/log4j-flaw-puts-hundreds-of-millions-of-devices-at-risk-says-us-cybersecurity-agency\/#primaryimage","url":"https:\/\/www.zdnet.com\/a\/img\/resize\/ae766ae0dd8467f3256834c82bda77d7520b583b\/2021\/07\/09\/cccbfe1d-b069-4319-9be8-8ce2b465bf27\/frustrated-woman-at-a-computer-in-an-office.jpg?width=770&amp;height=578&amp;fit=crop&amp;auto=webp","contentUrl":"https:\/\/www.zdnet.com\/a\/img\/resize\/ae766ae0dd8467f3256834c82bda77d7520b583b\/2021\/07\/09\/cccbfe1d-b069-4319-9be8-8ce2b465bf27\/frustrated-woman-at-a-computer-in-an-office.jpg?width=770&amp;height=578&amp;fit=crop&amp;auto=webp"},{"@type":"BreadcrumbList","@id":"https:\/\/www.threatshub.org\/blog\/log4j-flaw-puts-hundreds-of-millions-of-devices-at-risk-says-us-cybersecurity-agency\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.threatshub.org\/blog\/"},{"@type":"ListItem","position":2,"name":"Log4j flaw puts hundreds of millions of devices at risk, says US cybersecurity agency"}]},{"@type":"WebSite","@id":"https:\/\/www.threatshub.org\/blog\/#website","url":"https:\/\/www.threatshub.org\/blog\/","name":"ThreatsHub Cybersecurity News","description":"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform","publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"alternateName":"Threatshub.org","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.threatshub.org\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.threatshub.org\/blog\/#organization","name":"ThreatsHub.org","alternateName":"Threatshub.org","url":"https:\/\/www.threatshub.org\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","width":432,"height":435,"caption":"ThreatsHub.org"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/x.com\/threatshub"]},{"@type":"Person","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476","name":"TH Author","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","caption":"TH Author"}}]}},"_links":{"self":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/44420","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/comments?post=44420"}],"version-history":[{"count":0,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/44420\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media?parent=44420"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/categories?post=44420"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/tags?post=44420"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}