MarketWatch

Top cyber official has never seen a more ‘serious vulnerability.’ Here’s what you should know about Log4j

In the months since the Apache Software Foundation announced a major security vulnerability in its Log4j 2 software library, cybersecurity experts have said they’ve seen attacks targeted across a ...
Bleeping Computer

Log4j 2.17.1 out now, fixes new remote code execution bug

Apache has released another Log4j version, 2.17.1 fixing a newly discovered remote code execution (RCE) vulnerability in 2.17.0, tracked as CVE-2021-44832. Prior to today, 2.17.0 was the most recent ...
ZDNet

Apache releases new 2.17.0 patch for Log4j to solve denial of service vulnerability

Apache said version 2.16 "does not always protect from infinite recursion in lookup evaluation" and explained that it is vulnerable to CVE-2021-45105, a denial of service vulnerability. They said the ...
CSOonline

The Apache Log4j vulnerabilities: A timeline

The Apache Log4j vulnerability has impacted organizations around the globe. Here is a timeline of the key events surrounding the Log4j exploit as they have unfolded. The Apache Log4j vulnerability has ...
TechRadar

Log4j could still be a major security worry for businesses everywhere

Even though it was discovered and patched two years ago, the Log4j vulnerability still poses a major threat to businesses everywhere, new research has claimed. A report by Veracode has argued ...
TechRadar

Apache reveals another Log4j bug, so patch now

Apache can’t seem to catch a break with Java-based logging utility Log4j, as a third major vulnerability has now been discovered. On Friday, the Apache Software Foundation (ASF) published an ...