The Conversation

What is Log4j? A cybersecurity expert explains the latest internet vulnerability, how bad it is and what’s at stake

Santiago Torres-Arias does not work for, consult, own shares in or receive funding from any company or organization that would benefit from this article, and has disclosed no relevant affiliations ...
VentureBeat

Many orgs are still failing to address Log4j — here’s why

Want smarter insights in your inbox? Sign up for our weekly newsletters to get only what matters to enterprise AI, data, and security leaders. Subscribe Now Out of all the vulnerabilities discovered ...
CBS News

Nightmare before Christmas: What to know about the Log4j vulnerability

A vulnerability living inside a Java-based software known as "Log4j" shook the internet this week. The list of potential victims encompasses nearly a third of all web servers in the world, according ...
Wired

The FTC Wants Companies to Find Log4j Fast. It Won't Be Easy

On December 9, when the Apache Software Foundation disclosed a massive vulnerability in Log4j, its Java logging library, it triggered a cat-and-mouse game as IT professionals raced to secure their ...
Yahoo Finance

What is Log4j? A crucial bit of software ‘used across the entire internet' that is now vulnerable

Yahoo Finance's Dan Howley breaks down what Log4j is all about and how it can impact internet security. -Well, if you have used Apple's cloud service or played Minecraft, chances are you've ...
Wired

Buckle Up for More Log4j Madness

It feels like the world has a lot of Pandora's boxes open at once right now. Last week another crisis came into view with disclosure of a vulnerability in the widely used open source Apache logging ...
ZDNet

Log4j flaw hunt shows how complicated the software supply chain really is

Open-source software is everywhere now, but the Log4j flaw that affects Java enterprise applications is a reminder of what can go wrong in the complicated modern software supply chain. The challenge ...
Bleeping Computer

All Log4j, logback bugs we know so far and why you MUST ditch 2.15

Everyone's heard of the critical log4j zero-day by now. Dubbed 'Log4Shell,' the vulnerability has already set the internet on fire. Log4j usage is rampant among many software products and multiple ...
ABC News

New cyber vulnerability poses 'severe risk,' DHS says

The vulnerability is linked to a commonly used piece of software called Log4j. Late Saturday, the Department of Homeland Security Cybersecurity and Infrastructure Security Agency (CISA) issued an ...
Homeland Security Today

PERSPECTIVE: Why the December 2021 Log4j Event Remains Top of Mind for Cyber Professionals

The Cyber Safety Review Board (CSRB), created in 2021 to review major cyber events, released a report last summer recapping the 2021 discovery of the Log4j vulnerability. Its disclosure triggered a ...
TechRepublic

How to test if your Linux server is vulnerable to Log4j

How to test if your Linux server is vulnerable to Log4j Your email has been sent Log4j is a serious vulnerability that has swept across the IT landscape quickly. Here ...
SiliconANGLE

Researchers detect hundreds of thousands of Log4j cyberattack attempts

Researchers at two cybersecurity companies have detected hundreds of thousands of attempts to launch cyberattacks using the recently disclosed vulnerability in Log4j. The number of hacking attempts is ...