Dark Reading

Log4j: Getting From Stopgap Remedies to Long-Term Solutions

While the worst of Log4Shell may be behind us and much work remains, let's say "Well done" to the security engineers and managers who labored in the trenches in recent weeks. But if you thought the ...
Bleeping Computer

Log4j vulnerability now used by state-backed hackers, access brokers

As expected, nation-state hackers of all kinds have jumped at the opportunity to exploit the recently disclosed critical vulnerability (CVE-2021-44228) in the Apache Log4j Java-based logging library.