Log4j 2.16 vulnerable to DoS attacks, emergency patch 2.17 advised
The impact of the infamous vulnerability in Java library Log4j drags on. Although the initial issue was resolved with patches 2.14, 2.15 and 2.16, the latter version appears to be susceptible to abuse as well. Security researchers found an entrance for Denial of Service (DoS) attacks. Log4j 2.17 wa... Read more
Log4j 2.15 is not foolproof; Apache publishes second emergency patch
The emergency patch for the infamous vulnerability in Java library Log4j is not foolproof. Its developer, Apache Software Foundation, publishes a new version (2.16) in hopes of eliminating the vulnerability once and for all.
A severe vulnerability in an extremely popular Java library puts the gl... Read more
Log4j update: 60 variations of Log4Shell, hundreds of thousands of attacks
The severity of the vulnerability in Log4j is anything but theoretical. Cybercriminals are scanning ports worldwide to find entry points for abuse. Security researchers observed hundreds of thousands of attacks.
In the past few days, Check Point Research recognized 470,000 network scan attempts.... Read more
Log4Shell: what is Log4j, who does it affect and how do you patch it?
A critical vulnerability in a widely used open-source library for Java puts the global IT landscape on alert. The likelihood that your environment is affected has rarely been more significant. Solving starts with understanding. As such, we explore the problem with the Log4j vulnerability known as L... Read more