Politico

Lesson from Log4j: Open-source software improvements need help from feds

The cyber community’s scramble to address major vulnerabilities in the widely used code library Log4j is just the latest wake-up call about the security risks of the open-source software ecosystem — ...
TechSpot

Log4J patch to fix serious zero-day has its own vulnerability that is already actively exploited

Facepalm: The Log4J exploits that have been plaguing server administrators for the past week continue as the patch issued to block the intrusions appears to have security flaws of its own. Some ...
VentureBeat

Device42 aims to identify Log4j vulnerabilities

Join our daily and weekly newsletters for the latest updates and exclusive content on industry-leading AI coverage. Learn More Jen Easterly, director of the Cybersecurity and Infrastructure Security ...
TechSpot

Microsoft Defender gets new functions to fight Log4j

In brief: Microsoft has announced updates for cloud-based versions of its security software to fight the Log4j vulnerability. Log4j has mostly been patched but can still affect some servers that could ...
Business Insider

Contrast Security Explains the Log4j Attack Impact on Global Enterprises

LOS ALTOS, Calif., Dec. 21, 2021 /PRNewswire/ -- Contrast Security, the leader in next-gen code security, today shared information on how Log4j, the most popular piece of free open-source Java ...
Rochester Institute of Technology

Apache Log4j Mitigation

Attackers are exploiting a vulnerability in the Log4j logging platform on systems running Apache software that is written in Java and utilizes the log4j library. Critical systems will be impacted.
The Verge

‘Extremely bad’ vulnerability found in widely used logging system

Security teams at companies large and small are scrambling to patch a previously unknown vulnerability called Log4Shell, which has the potential to let hackers compromise millions of devices across ...