Threat Post

Third Log4J Bug Can Trigger DoS; Apache Issues Patch

The new Log4j vulnerability is similar to Log4Shell in that it also affects the logging library, but this DoS flaw has to do with Context Map lookups, not JNDI. No, you’re not seeing triple: On Friday ...
VentureBeat

‘Less obvious’ uses of Log4j pose a major risk

Join our daily and weekly newsletters for the latest updates and exclusive content on industry-leading AI coverage. Learn More Log4Shell, the Apache Log4j vulnerability that has sent every security ...
CBS News

Panel finds notorious Log4j internet bug did not lead to any "significant" attacks on critical infrastructure

A panel of U.S. government officials and private-sector experts tasked with investigating the nation's major cybersecurity failures has concluded that the notorious Log4j internet bug did not prompt ...
ZDNet

Security company offers Log4j 'vaccine' for systems that can't be updated immediately

It is freely available on GitHub and Cybereason said it "is a relatively simple fix that requires only basic Java skills to implement." "In short, the fix uses the vulnerability itself to set the flag ...
Rochester Institute of Technology

Apache Log4j Mitigation

Attackers are exploiting a vulnerability in the Log4j logging platform on systems running Apache software that is written in Java and utilizes the log4j library. Critical systems will be impacted.