Fast Company

Log4j vulnerability explained: The software flaw that has the tech world racing for a fix

In late November, a cloud-security researcher for Chinese tech giant Alibaba discovered a flaw in a popular open-source coding framework called Log4j. The employee quickly notified Log4j’s parent ...
TechRepublic

Check for Log4j vulnerabilities with this simple-to-use script

Check for Log4j vulnerabilities with this simple-to-use script Your email has been sent One great thing about Linux and the open source community is that as soon as a vulnerability is detected, ...
Redmond Magazine

Log4j Attack Methods Explained by CrowdStrike

CrowdStrike on Thursday presented advice for organizations attempting to address a security vulnerability in the Log4j Java logging framework used in Apache Web servers, currently undergoing ...
Bleeping Computer

New zero-day exploit for Log4j Java library is an enterprise nightmare

Proof-of-concept exploits for a critical zero-day vulnerability in the ubiquitous Apache Log4j Java-based logging library are currently being shared online, exposing home users and enterprises alike ...
ZDNet

Log4J: Microsoft discovers attackers targeting undisclosed SolarWinds vulnerability

Microsoft researchers have discovered a previously undisclosed vulnerability in the SolarWinds Serv-U software while monitoring threats related to Log4J vulnerabilities. Jonathan Bar Or explained on ...
Wall Street Journal

Push to Explain What Software Contains Gains Steam After Log4j Flaw

Companies must know what is inside their technology to secure it against hackers and prevent the type of upheaval seen at the end of 2021 due to a flaw in the free, widely used Log4j software, ...
ZDNet

Apache releases new 2.17.0 patch for Log4j to solve denial of service vulnerability

Apache said version 2.16 "does not always protect from infinite recursion in lookup evaluation" and explained that it is vulnerable to CVE-2021-45105, a denial of service vulnerability. They said the ...