Dark Reading

New Log4j Attack Vector Discovered

Organizations working to reduce exposure to attacks targeting the Log4j remote code execution (RCE) vulnerability disclosed Dec. 9 have a couple of new considerations to keep in mind. Security ...
Bleeping Computer

Latest Apache Log4j news

Roughly 38% of applications using the Apache Log4j library are using a version vulnerable to security issues, including Log4Shell, a critical vulnerability identified as CVE-2021-44228 that carries ...
CSOonline

Detect and Remediate the Exploitation of the Log4j Vulnerability

Most likely bad actors already knew about this prior to December 9 th as it’s been reported that the vulnerability was exposed much earlier in Minecraft chat forums. The vulnerability exposes how the ...
CRN

10 Technology Vendors Affected By The Log4j Vulnerability

Vulnerable Log4j code can be found in products from some of the most prominent technology vendors like Cisco, IBM, and VMware, and as well as one serving the MSP community like ConnectWise and N-able.
Dark Reading

Log4j Attack Surface Remains Massive

Attackers who want to exploit the critical remote code execution vulnerability disclosed in the Apache Log4j logging tool over four months ago still have a vast array of targets to go after. In a ...
The Conversation

What is Log4j? A cybersecurity expert explains the latest internet vulnerability, how bad it is and what’s at stake

Santiago Torres-Arias does not work for, consult, own shares in or receive funding from any company or organization that would benefit from this article, and has disclosed no relevant affiliations ...