InfoWorld

How to detect the Log4j vulnerability in your applications

A bug in the ubiquitous Log4j library can allow an attacker to execute arbitrary code on any system that uses Log4j to write logs. Does yours? Yesterday the Apache Foundation released an emergency ...
ZDNet

Multiple Log4j scanners released by CISA, CrowdStrike

CISA released its own Log4J scanner this week alongside a host of other scanners published by cybersecurity companies and researchers. The open-sourced Log4j scanner is derived from scanners created ...
Computer Weekly

Top three questions about the Log4j vulnerability

In December 2021, a vulnerability in the open source Log4J logging service used by developers to monitor their Java applications first came to light, leaving enterprises scrambling to patch affected ...
ZDNet

Not patched Log4j yet? Assume attackers are in your network, say CISA and FBI

A joint security alert by CISA and the FBI has warned organizations that haven't applied much-needed Log4j security patches and mitigations to VMware Horizon server instances to assume their network ...
The Conversation

What is Log4j? A cybersecurity expert explains the latest internet vulnerability, how bad it is and what’s at stake

Santiago Torres-Arias does not work for, consult, own shares in or receive funding from any company or organization that would benefit from this article, and has disclosed no relevant affiliations ...
TechRepublic

Log4j postmortem: Developers are taking a hard look at software supply-chain security gaps

Log4j postmortem: Developers are taking a hard look at software supply-chain security gaps Your email has been sent With so many security and developer teams doing postmortems on the Log4j security ...