Bleeping Computer

Upgraded to log4j 2.16? Surprise, there's a 2.17 fixing DoS

All set for the weekend? Not so fast. Yesterday, BleepingComputer summed up all the log4j and logback CVEs known thus far. Ever since the critical log4j zero-day saga started last week, security ...
VentureBeat

Microsoft launches new Defender capabilities for fixing Log4j

Microsoft announced it has rolled out new capabilities in its Defender for Containers and Microsoft 365 Defender offerings for identifying and remediating the widespread vulnerabilities in Apache ...
VentureBeat

Lacework expands capabilities for fixing Log4j flaw

Lacework today announced updates to its cloud security platform aimed at helping customers to prioritize remaining fixes for the vulnerability in Apache Log4j — including through spotting any exploits ...
JD Supra

FTC Warns Companies to Fix Vulnerabilities Associated with Log4j

The Federal Trade Commission (FTC) recently warned private entities to remediate any ongoing Log4j vulnerabilities present within their networks or face possible enforcement action. Log4j is used to ...
Fast Company

Log4j vulnerability explained: The software flaw that has the tech world racing for a fix

In late November, a cloud-security researcher for Chinese tech giant Alibaba discovered a flaw in a popular open-source coding framework called Log4j. The employee quickly notified Log4j’s parent ...
TechSpot

Log4J patch to fix serious zero-day has its own vulnerability that is already actively exploited

Facepalm: The Log4J exploits that have been plaguing server administrators for the past week continue as the patch issued to block the intrusions appears to have security flaws of its own. Some ...