PC Magazine

Countless Servers Are Vulnerable to Apache Log4j Zero-Day Exploit

The vulnerability allows remote code execution on servers, including those operated by Apple, Twitter, Valve, Tencent, and other major service providers. I've been writing about tech, including ...
ZDNet

Apache's new security update for HTTP Server fixes two flaws

The Apache Software Foundation has released an update to address a critical flaw in its hugely popular web server that allows remote attackers to take control of a vulnerable system. The first Apache ...
Rochester Institute of Technology

Apache Log4j Mitigation

Attackers are exploiting a vulnerability in the Log4j logging platform on systems running Apache software that is written in Java and utilizes the log4j library. Critical systems will be impacted.
InfoWorld

What app developers need to do now to fight Log4j exploits

Why you may already be at risk, how to detect and mitigate the Log4j vulnerabilities now, and how to improve your code security in the future. Earlier this month, security researchers uncovered a ...
ZDNet

Apache releases new 2.17.0 patch for Log4j to solve denial of service vulnerability

Apache said version 2.16 "does not always protect from infinite recursion in lookup evaluation" and explained that it is vulnerable to CVE-2021-45105, a denial of service vulnerability. They said the ...