ZDNet

Second Log4j vulnerability discovered, patch already released

A second vulnerability involving Apache Log4j was found on Tuesday after cybersecurity experts spent days attempting to patch or mitigate CVE-2021-44228. The description of the new vulnerability, CVE ...
TechSpot

Log4J patch to fix serious zero-day has its own vulnerability that is already actively ...

Facepalm: The Log4J exploits that have been plaguing server administrators for the past week continue as the patch issued to block the intrusions appears to have security flaws of its own. Some ...
TheServerSide

Lessons learned from the Log4j vulnerability

Community driven content discussing all aspects of software development from DevOps to design patterns. In case you’ve been hiding under a rock – or perhaps hiding from endless yelping about security ...
PC Magazine

Countless Servers Are Vulnerable to Apache Log4j Zero-Day Exploit

The vulnerability allows remote code execution on servers, including those operated by Apple, Twitter, Valve, Tencent, and other major service providers. I've been writing about tech, including ...
Dark Reading

Why Log4j Mitigation Is Fraught With Challenges

Security teams working to mitigate their organizations' exposure to the Log4j vulnerability have plenty of challenges to overcome. They include scoping the full extent of exposure, figuring out ...