资讯

ZDNet3 年

Apache releases new 2.17.0 patch for Log4j to solve denial of service ...

The Apache Software Foundation published a new Log4j patch late on Friday after discovering issues with 2.16.
The Verge3 年

Log4j is patched, but the exploits are just getting started

Log4j is patched, but the exploits are just getting started As updates to affected software slowly roll out, other quicker fixes are a crucial stopgap ...
ZDNet3 年

Security warning: New zero-day in the Log4j Java library is already ...

A newly discovered zero-day vulnerability in the widely used Java logging library Apache Log4j is easy to exploit and enables attackers to gain full control of affected servers.
CSOonline3 年

4 ways to properly mitigate the Log4j vulnerabilities (and 4 to skip)

A sure-fire way to prevent exploitation of Log4j vulnerabilities has yet to appear, but these actions are your best bet for reducing risk.
Infosecurity-magazine.com3 年

Iran-Based MuddyWater Targets Log4j 2 Vulnerabilities in SysAid Apps in ...

Iran-based threat actor MuddyWater (tracked by Microsoft as MERCURY) has been leveraging the exploitation of Log4j 2 vulnerabilities in SysAid applications to target organizations in Israel. The news ...
The Straits Times3 年

Singapore Govt raises alert level on critical Log4j software bug, holds ...

SINGAPORE - The Republic's national cyber-security watchdog on Friday (Dec 17) raised the alert level on the highly critical Log4j software security flaw that has been declared code red by experts ...