A second vulnerability involving Apache Log4j was found on Tuesday after cybersecurity experts spent days attempting to patch or mitigate CVE-2021-44228. The description of the new vulnerability ...

Over the past few days you may have heard about Log4j and a major vulnerability that allowed hackers to attack unpatched Apache servers - if not, click here to learn more. Google has posted that ...

The gargantuan crisis spurred by log4j isn’t over yet—not even close. Over the past week, new vulnerabilities have been discovered in the unfortunate Apache logging library (whose ubiquitous ...

Apache Software Foundation President David Nalley on Tuesday told the Senate Homeland Security & Government Affairs Committee it could take months, or even years, to fully eliminate the Log4j ...

How the Log4j vulnerability threatens businesses The source of the problem with the Log4j vulnerability is in what’s called Remote Code Execution (RCE). It’s the worst kind of vulnerability. Through ...

Caught In The Crosshairs The critical vulnerability disclosed last week in Java logging package Log4j left cybersecurity vendors scrambling to assess their potential exposure.

The Apache Software Foundation has released a new patch for Log4j, the Java-based logging utility that has seen vulnerabilities targeted en masse by hackers since Dec. 13. Log4j 2.17.1, the fifth ...

Although no information about industrial control systems being breached via Log4j has yet been made public, the threat exists.

Patch fixing critical Log4J 0-day has its own vulnerability that’s under exploit If you've patched using Log4J 2.15.0, it's time to consider updating again. Stat.

Log4j, a widely used open-source Java logging library, has a critical-remote code execution (RCE) vulnerability that is currently being leveraged in malicious attacks.

The zero-day flaw in the ubiquitous Log4j utility has sent shockwaves far beyond the security industry – here’s what you should know.