TheServerSide

Lessons learned from the Log4j vulnerability

Community driven content discussing all aspects of software development from DevOps to design patterns. In case you’ve been hiding under a rock – or perhaps hiding from endless yelping about security ...
Financial Post

It could take years for applications using vulnerable version of Java log4j library to be patched, says expert

Infosec leaders around the world are being urged to heed warnings from national computer emergency teams, software suppliers and cybersecurity experts about a critical logging-related vulnerability in ...
ZDNet

Log4j flaw: Thousands of applications are still vulnerable, warn security researchers

Months on from a critical zero-day vulnerability being disclosed in the widely-used Java logging library Apache Log4j, a significant number of applications and servers are still vulnerable to ...
Dark Reading

Log4j: Getting From Stopgap Remedies to Long-Term Solutions

While the worst of Log4Shell may be behind us and much work remains, let's say "Well done" to the security engineers and managers who labored in the trenches in recent weeks. But if you thought the ...
Indiatimes

Log4j: All you need to know about the software bug that's said to be almost everywhere

A new software vulnerability may exist on many of the platforms and services that you use daily. The software bug called Log4J potentially exists in everything from Android phones to the Minecraft ...
Dark Reading

Attackers Exploit Log4j Flaws in Hands-on-Keyboard Attacks to Drop Reverse Shells

Microsoft this week warned organizations about the high potential for threat actors to expand the use of the recently discovered remote code execution (RCE) vulnerabilities in the Apache Log4j logging ...
TechRadar

Log4j attacks are still a major threat, warns Microsoft

Microsoft is warning its Windows and Microsoft Azure customers that they need to remain vigilant when dealing with potential attacks exploiting the Log4Shell vulnerabilities in the popular Java ...