Fast Company

Log4j vulnerability explained: The software flaw that has the tech world racing for a fix

In late November, a cloud-security researcher for Chinese tech giant Alibaba discovered a flaw in a popular open-source coding framework called Log4j. The employee quickly notified Log4j’s parent ...
Crowdfund Insider

Payments Fintech Adyen Reveals How It Addressed Log4j Critical Vulnerability

It was an eventful week for the Java Ecosystem and the Open Source communities: on December 9, 2021, a critical vulnerability was found in the widely-used Java Logging framework Log4j (version 2). The ...
ZDNet

Log4j: How hackers are using the flaw to deliver this new 'modular' backdoor

Iran-backed hacking group Phosphorous or APT35 is using the Log4j vulnerability to distribute a new modular PowerShell toolkit, according to security firm Check Point. APT35 is one of several ...
Redmond Magazine

Log4j Attack Methods Explained by CrowdStrike

CrowdStrike on Thursday presented advice for organizations attempting to address a security vulnerability in the Log4j Java logging framework used in Apache Web servers, currently undergoing ...
ZDNet

Security firm Blumira discovers major new Log4j attack vector

You didn't really want to take this weekend off, did you? Of course not! Instead, you'll be chasing down vulnerable Log4j code ever deeper into your network ...
Dark Reading

Attackers Exploit Log4j Flaws in Hands-on-Keyboard Attacks to Drop Reverse Shells

Microsoft this week warned organizations about the high potential for threat actors to expand the use of the recently discovered remote code execution (RCE) vulnerabilities in the Apache Log4j logging ...
CSOonline

Prioritizing and remediating vulnerabilities in the wake of Log4J and Microsoft’s Patch ...

Vulnerability disclosures often come in bunches, and unvetted patch updates can create their own problems. Here's how to assess and prioritize both. The past few weeks left IT professionals ...
Computer Weekly

Top three questions about the Log4j vulnerability

In December 2021, a vulnerability in the open source Log4J logging service used by developers to monitor their Java applications first came to light, leaving enterprises scrambling to patch affected ...
The National Law Review

Patch Up – Log4j and How to Avoid a Cybercrime Christmas

We collaborate with the world's leading lawyers to deliver news tailored for you. Sign Up for any (or all) of our 25+ Newsletters. Some states have laws and ethical rules regarding solicitation and ...
Forbes

How Companies Can Prepare For The Next Log4j

Expertise from Forbes Councils members, operated under license. Opinions expressed are those of the author. Years from now, everyone in the software world will remember December 9, 2021, the day that ...
VentureBeat

Microsoft investigating Defender issue with Log4j scanner

Join our daily and weekly newsletters for the latest updates and exclusive content on industry-leading AI coverage. Learn More Microsoft is investigating reports that the Apache Log4j vulnerability ...