Wired

The FTC Wants Companies to Find Log4j Fast. It Won't Be Easy

On December 9, when the Apache Software Foundation disclosed a massive vulnerability in Log4j, its Java logging library, it triggered a cat-and-mouse game as IT professionals raced to secure their ...
AppleInsider

Critical 'Log4J' Java flaw being used to deliver malware, crypto-miners

A critical flaw in a popularly used Java library is being exploited by malicious actors to deliver malware, while security researchers are scanning for vulnerable servers. The flaw and a ...
ZDNet

Log4j flaw could be a problem for industrial networks 'for years to come'

Industrial networks are among those that are vulnerable to the recently disclosed zero-day in the Log4j2 Java logging library, security researchers have warned. The vulnerability (CVE-2021-44228) was ...
Yahoo

Nightmare before Christmas: What to know about the Log4j vulnerability

Add Yahoo as a preferred source to see more of our stories on Google. A vulnerability living inside a Java-based software known as "Log4j" shook the internet this week. The list of potential victims ...
ZDNet

Google unleashes security 'fuzzer' on Log4Shell bug in open source software

The remotely exploitable flaw in Log4j – the widely deployed Java error logging library -- is being attacked by multiple actors and likely will remain so for many ...
Network World

Log4j flaw needs immediate remediation

After nearly two years of adopting major network and security changes wrought by COVID-19 and hybrid work, weary IT network and security teams didn’t need another big issue to take care of, but they ...