News

IT World Canada3y
It could take years for applications using vulnerable version of Java ...
The bug, CVE-2021-44228, affects a Java logging package called log4j. It was revealed Thursday by Lunasec and on Friday by Huntress Labs, and is already being exploited, according to an alert from ...
Threat Post3y
Java Code Repository Riddled with Hidden Log4j Bugs; Here's Where to ...
Why Java Is Trickier Than Other Ecosystems Adding another degree of difficulty to ferreting out the Log4j bugs is Java’s “soft” version requirements, according to Google.
ITWire3y
iTWire - Logjam: Log4j exploit attempts continue in globally ...
COMPANY NEWS: Since the first vulnerability in the Apache Foundation’s Log4j logging tool was revealed on 10 December, three sets of fixes to the Java library have been released as additional ...
adtmag.com2y
Waratek Adds Log4J Scanner and API Security to its Java Security ...
The Java security specialists at Dublin-based Waratek have released a new Log4J Vulnerability Scanner and added API security to their Java Security Platform, the company announced recently. The ...
Threat Post3y
Log4J-Related RCE Flaw in H2 Database Earns Critical Rating
Critical flaw in the H2 open-source Java SQL database are similar to the Log4J vulnerability, but do not pose a widespread threat. Researchers discovered a bug related to the Log4J logging library ...
GIGAZINE3y
Java library vulnerabilities that have shaken the world ・ 'log4j ...
Since Log4j is a widely used Java library, its impact is great, and systems around the world are required to update and fix it as soon as possible.
JD Supra3y
FTC Advises Companies to Remediate Log4j Vulnerability
In an unusual warning to companies running Java applications with Log4j in their environments, the Federal Trade Commission (FTC) recently cautioned that it “intends to use its full legal ...