GIGAZINE

A cheat sheet that summarizes how to deal with the Java / Log4j library vulnerability 'Log4Shell' is being released, and the affected products are also revealed at a glance.

Royce Williams, who works for cyber security company Alaskan Cyber Watch, has released a cheat sheet about the zero-day vulnerability 'Log4Shell ' discovered in Java's log output library Log4j. The ...
GIGAZINE

Why does the vulnerability 'Log4Shell (CVE-2021-44228)' found in Java's Log4j library have a major impact on the world?

A version of Apache Log4j, a Java log output library, that fixes the zero-day vulnerability 'CVE-2021-44228 ', commonly known as ' Log4Shell ', for remote code execution will be released on December ...
The Verge

Log4j is patched, but the exploits are just getting started

Peter Membrey, chief architect of ExpressVPN, remembers vividly seeing the news of the Log4j vulnerability break online. “As soon as I saw how you could exploit it, it was horrifying,” says Membrey.
Computing

Another Java Log4j vulnerability discovered

A new vulnerability has been discovered in the Log4j Java logging library which also affects the version released last week to patch the flaw known as Log4jshell. The Apache Foundation rushed out ...
CSOonline

Apache Log4j vulnerability actively exploited, impacting millions of Java-based apps

The vulnerability affects not only Java-based applications and services that use the library directly, but also many other popular Java components and development frameworks that rely on it. Attackers ...