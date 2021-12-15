ContributorsPublishersAdvertisers
Software

Don't Lookup: The Log4j Debacle

By Remy Porter
thedailywtf.com
 6 days ago

All the headlines for the past week have touched upon the "Log4Shell" bug, CVE-2021-44228. This is a "big deal" bug that's coupled with some surprising features of how Java works. Before we get into the news roundup portion of this, we need to discuss a little history. Today, the...





Dark Reading

What to Do While Waiting for the Log4J Updates

Researchers are warning that attackers are actively exploiting the newly publicized unauthenticated remote code execution vulnerability in Log4j, the Java-based logging tool from Apache. While the bulk of the work to mitigate CVE-2021-44228 falls on application owners and software developers, enterprise security teams also have to do their part to keep their organizations secure.
SOFTWARE
techacute.com

Log4j Vulnerability: What You Should Do to Mitigate the Risks

The Log4j vulnerability (CVE-2021-44228) is an InfoSec risk to your IT. Log4j is an open-source project that provides libraries for logging application behavior, system activity, or other categories of event data. Log4j has been vulnerable to arbitrary code execution since its inception, which means any Log4j instance could be tricked into running malicious code on the host machine. If you are concerned about this vulnerability and want to know what you can do to mitigate it, find out more below.
SOFTWARE
WTOP

Data Docs: What you need to do about the Log4j threat

Q: What should I be doing about the Log4j vulnerability?. A: In what is considered one of the most widespread and dangerous vulnerabilities to be discovered in a very long time, the Log4j problem is going to be a threat that will likely linger for a long time. The reason...
SMALL BUSINESS
IN THIS ARTICLE
#Log4j#Java#Jndi#Beanisacoffeepunservice#Dns
KTAR.com

The Log4j threat: What everyone should do

Q: What should I be doing about the Log4j vulnerability?. A: In what is considered one of the most widespread and dangerous vulnerabilities to be discovered in a very long time, the Log4j problem is going to be a threat that will likely linger for a long time. The reason...
SMALL BUSINESS
BGR.com

You can’t do anything to stop the Log4j zero-day attacks yourself

Don't Miss: Tuesday’s deals: $179 AirPods Pro, $20 Philips Sonicare toothbrush, KN95 masks made in USA, more Also known as the Log4Shell hack, the Log4j 0-day security vulnerability is the worst hack in internet history. Every internet company has been scrambling to patch the issue and prevent hackers from taking advantage of it. But it will take time for companies to fix the problem. Security researchers are seeing thousands of attempts to take advantage of the Log4j hack to get into computer systems. And the worst thing about this hack is that you might be impacted even if hackers don’t explicitly...
TECHNOLOGY
