Bleeping Computer

Upgraded to log4j 2.16? Surprise, there's a 2.17 fixing DoS

All set for the weekend? Not so fast. Yesterday, BleepingComputer summed up all the log4j and logback CVEs known thus far. Ever since the critical log4j zero-day saga started last week, security ...
Dark Reading

Analysis: Log4j Vulnerability Highlights the Value of Defense-in-Depth, Accurate Inventory

Many security teams have been running hard for past few days looking to assess and address their organizations' exposure to CVE-2021-44228, aka "Log4Shell," a flaw disclosed within the popular Log4j ...
ZDNet

Ransomware: Hackers are using Log4j flaw as part of their attacks, warns Microsoft

Microsoft has confirmed that suspected China-based cyber criminals are targeting the Log4j 'Log4Shell' flaw in VMware's Horizon product to install NightSky, a new ransomware strain that emerged on ...
CSOonline

Detect and Remediate the Exploitation of the Log4j Vulnerability

Most likely bad actors already knew about this prior to December 9 th as it’s been reported that the vulnerability was exposed much earlier in Minecraft chat forums. The vulnerability exposes how the ...
Infosecurity-magazine.com

Lessons Learned: The Log4J Vulnerability 12 Months On

It was a shock to all in cybersecurity as Java and the Log4j open-source logging library are prevalent, commonly used across software applications and online services. The issue quickly came to the ...
CRN

The Log4J Vulnerability: News And Analysis

The critical vulnerability disclosed Dec. 10 in Java logging package Log4j has sent shockwaves throughout the industry given how frequently that open-source library is used to develop enterprise ...