LINK It is not easy to be concise in listing VMware products affected by Log4j. So goto the link above for details.
Numerous new Cisco Vulnerabilities including a Critical one for Cisco StarOS in Cisco Redundancy Configuration Manager
LINK Time to look again if you have Cisco products in your network, including Webex.
Google Project Zero finds 2 vulnerabilities in Zoom
LINK Google Project Zero has identified 2 Critical and High rated Vulnerabilities in Zoom Clients and Zoom MMR systems. Patches were released by the Vendor.
SolarWinds Serv-U Actively being Attacked using Log4j Vulnerability
LINK If you needed more evidence to see how mad log4j could be, here you go.
CISA Adds additional 13 Vulnerabilities to Exploited Catalog List
LINK CISA has added more vulnerabilities that need to be resolved for organizations. If you are looking for a complete list of all these Vulnerabilities, here is a CSV of the list.
Log4J Links to Info
MSSPalert has some good content that I wanted to Share for those that are needing Log4j info. Log4j Timeline of Events, Attacks, Advice Patches – LINK Log4j Scanners and Threat Hunters – LINK
Oracle to Release a Massive Update of Nearly 500 New Security Patches
LINK There are so many fixes here, I suggest ANYONE that has anything Oracle, go to the above link to see if they are vulnerable to something.
Zoho Releases Patch for Critical ManageEngine Desktop Central
LINK Zoho’s ManageEngine product seems to always be under attack. They just released a new CRITICAL update. Please update your installation.
Microsoft Releases Out of Band Emergency Fix for VPN issues
https://securityaffairs.co/wordpress/126856/hacking/windows-out-of-band-emergency-fixes.htmlLINK January’s patching had some issues, this is supposed to fix those problems.
Numerous Ivanti Products Announces Log4J Vulnerability
LINK If you have anything from Ivanti, check the link above to see what might be vulnerable.