Bleeping Computer

Upgraded to log4j 2.16? Surprise, there's a 2.17 fixing DoS

All set for the weekend? Not so fast. Yesterday, BleepingComputer summed up all the log4j and logback CVEs known thus far. Ever since the critical log4j zero-day saga started last week, security ...
Yahoo

log4j: Tech companies scramble to fix software vulnerability that ‘threatens entire internet’

The vulnerability, known as Log4shell, was identified in Apache’s Log4j software library that helps developers keep track of changes in the applications they build (AFP via Getty Images) Tech ...
JD Supra

FTC Warns Companies to Fix Vulnerabilities Associated with Log4j

The Federal Trade Commission (FTC) recently warned private entities to remediate any ongoing Log4j vulnerabilities present within their networks or face possible enforcement action. Log4j is used to ...
TechSpot

Log4J patch to fix serious zero-day has its own vulnerability that is already actively exploited

Facepalm: The Log4J exploits that have been plaguing server administrators for the past week continue as the patch issued to block the intrusions appears to have security flaws of its own. Some ...
Threat Post

Apache’s Fix for Log4Shell Can Lead to DoS Attacks

Not only is the jaw-dropping flaw in the Apache Log4j logging library ubiquitous; Apache’s blanket of a quickly baked patch for Log4Shell also has holes. As if finding one easily exploited and ...
Infosecurity-magazine.com

New Log4j Patch Released to Fix DoS Flaw

Apache has released a new patch for Log4j to mitigate a high severity vulnerability, as researchers separately found a new attack vector for the Log4Shell bug. The open-source web server community had ...