חדשות

ZDNet3 שנים

Security warning: New zero-day in the Log4j Java library is already ...

A newly discovered zero-day vulnerability in the widely used Java logging library Apache Log4j is easy to exploit and enables attackers to gain full control of affected servers.
Ars Technica3 שנים

Patch fixing critical Log4J 0-day has its own vulnerability that’s ...

Patch fixing critical Log4J 0-day has its own vulnerability that’s under exploit If you've patched using Log4J 2.15.0, it's time to consider updating again. Stat.
The Straits Times3 שנים

Singapore Govt raises alert level on critical Log4j software bug, holds ...

SINGAPORE - The Republic's national cyber-security watchdog on Friday (Dec 17) raised the alert level on the highly critical Log4j software security flaw that has been declared code red by experts ...
ZDNet3 שנים

Apache releases new 2.17.0 patch for Log4j to solve denial of service ...

The Apache Software Foundation published a new Log4j patch late on Friday after discovering issues with 2.16.
GIGAZINE3 שנים

Why does the vulnerability 'Log4Shell (CVE-2021-44228)' found in Java's ...

A version of Apache Log4j, a Java log output library, that fixes the zero-day vulnerability 'CVE-2021-44228 ', commonly known as ' Log4Shell ', for remote code execution will be released on ...
CSOonline3 שנים

4 ways to properly mitigate the Log4j vulnerabilities (and 4 to skip)

A sure-fire way to prevent exploitation of Log4j vulnerabilities has yet to appear, but these actions are your best bet for reducing risk.
Infosecurity-magazine.com3 שנים

Iran-Based MuddyWater Targets Log4j 2 Vulnerabilities in SysAid Apps in ...

Iran-based threat actor MuddyWater (tracked by Microsoft as MERCURY) has been leveraging the exploitation of Log4j 2 vulnerabilities in SysAid applications to target organizations in Israel. The news ...