ZDNet

Second Log4j vulnerability discovered, patch already released

A second vulnerability involving Apache Log4j was found on Tuesday after cybersecurity experts spent days attempting to patch or mitigate CVE-2021-44228. The description of the new vulnerability, CVE ...
Bleeping Computer

CISA releases Apache Log4j scanner to find vulnerable apps

The Cybersecurity and Infrastructure Security Agency (CISA) has announced the release of a scanner for identifying web services impacted by two Apache Log4j remote code execution vulnerabilities, ...
Threat Post

‘Long Live Log4Shell’: CVE-2021-44228 Not Dead Yet

The ubiquitous Log4j bug will be with us for years. John Hammond, senior security researcher at Huntress, discusses what’s next. Jen Easterly, the director of the Cybersecurity and Infrastructure ...
Search Engine Roundtable

Google Ads Not Affected By Log4j 2 Vulnerability

Over the past few days you may have heard about Log4j and a major vulnerability that allowed hackers to attack unpatched Apache servers - if not, click here to learn more. Google has posted that ...
SiliconANGLE

How a true zero-trust architecture could have minimized the impact of Log4j – and still can

Just a few days ago, a zero-day vulnerability (CVE-2021-44228) was discovered in the well-known Apache Log4j logging library that allowed attackers full remote code execution. The Apache Software ...
InfoWorld

How developers scrambled to secure the Log4j vulnerability

A group of developers and maintainers scrambled to secure the Log4j vulnerability over the weekend, but there is still a lot of work to do to clean up the mess. Last weekend, the internet caught fire, ...