InfoWorld

How to detect the Log4j vulnerability in your applications

A bug in the ubiquitous Log4j library can allow an attacker to execute arbitrary code on any system that uses Log4j to write logs. Does yours? Yesterday the Apache Foundation released an emergency ...
ZDNet

Multiple Log4j scanners released by CISA, CrowdStrike

CISA released its own Log4J scanner this week alongside a host of other scanners published by cybersecurity companies and researchers. The open-sourced Log4j scanner is derived from scanners created ...
Bleeping Computer

Hackers start pushing malware in worldwide Log4Shell attacks

Threat actors and researchers are scanning for and exploiting the Log4j Log4Shell vulnerability to deploy malware or find vulnerable servers. In this article, we have compiled the known payloads, ...
Bleeping Computer

Latest Apache Log4j news

Roughly 38% of applications using the Apache Log4j library are using a version vulnerable to security issues, including Log4Shell, a critical vulnerability identified as CVE-2021-44228 that carries ...
Digital Journal

Log4Shell identification and remediation checklist

Log4Shell is one of the most critical and widespread vulnerabilities found in the past decade (CVE-2021-44228) impacting Log4J, a highly popular Java library used in millions of applications as part ...
CRN

Log4j Exploit Is ‘A Fukushima Moment’ For Cybersecurity: Tenable CTO

‘We’re discovering new apps every minute which use Log4j in one way or another. It affects not only the code you build, but also the third-party systems you have in place,’ writes Tenable CTO Renaud ...