News

GIGAZINE

Why does the vulnerability 'Log4Shell (CVE-2021-44228)' found in Java's Log4j library have a major impact on the world?

A version of Apache Log4j, a Java log output library, that fixes the zero-day vulnerability 'CVE-2021-44228 ', commonly known as ' Log4Shell ', for remote code execution will be released on December ...
Bleeping Computer

Over 30% of Log4J apps use a vulnerable version of the library

Roughly 38% of applications using the Apache Log4j library are using a version vulnerable to security issues, including Log4Shell, a critical vulnerability identified as CVE-2021-44228 that carries ...
Threat Post

‘Long Live Log4Shell’: CVE-2021-44228 Not Dead Yet

The ubiquitous Log4j bug will be with us for years. John Hammond, senior security researcher at Huntress, discusses what’s next. Jen Easterly, the director of the Cybersecurity and Infrastructure ...
WeLiveSecurity

Log4Shell vulnerability: What we know so far

Just as the holiday season is approaching our doorstep, a critical vulnerability in an Apache code library called Log4j 2 has come knocking at the door. Log4j is an open-source Java-based logging ...
ZDNet

Second Log4j vulnerability discovered, patch already released

A second vulnerability involving Apache Log4j was found on Tuesday after cybersecurity experts spent days attempting to patch or mitigate CVE-2021-44228. The description of the new vulnerability, CVE ...
adtmag.com

Log4j Remote Code Execution Vulnerability Likely to Affect Millions

UPDATE, 12/16: Cybersecurity experts are saying that attackers connected with nation-states, including China and other governments, are actively exploiting the Log4jShell vulnerability. On Thursday, ...
Computer Weekly

Top three questions about the Log4j vulnerability

In December 2021, a vulnerability in the open source Log4J logging service used by developers to monitor their Java applications first came to light, leaving enterprises scrambling to patch affected ...