Bleeping Computer

Upgraded to log4j 2.16? Surprise, there's a 2.17 fixing DoS

All set for the weekend? Not so fast. Yesterday, BleepingComputer summed up all the log4j and logback CVEs known thus far. Ever since the critical log4j zero-day saga started last week, security ...
CSOonline

Detect and Remediate the Exploitation of the Log4j Vulnerability

Most likely bad actors already knew about this prior to December 9 th as it’s been reported that the vulnerability was exposed much earlier in Minecraft chat forums. The vulnerability exposes how the ...
Dark Reading

Analysis: Log4j Vulnerability Highlights the Value of Defense-in-Depth, Accurate Inventory

Many security teams have been running hard for past few days looking to assess and address their organizations' exposure to CVE-2021-44228, aka "Log4Shell," a flaw disclosed within the popular Log4j ...
CSOonline

Prioritizing and remediating vulnerabilities in the wake of Log4J and Microsoft’s Patch Tuesday blunder

Vulnerability disclosures often come in bunches, and unvetted patch updates can create their own problems. Here's how to assess and prioritize both. The past few weeks left IT professionals ...
CRN

The Log4J Vulnerability: News And Analysis

The critical vulnerability disclosed Dec. 10 in Java logging package Log4j has sent shockwaves throughout the industry given how frequently that open-source library is used to develop enterprise ...