News

SD Times3y
SD Times news digest: SnapLogic raises $165 million; Vulnerability found in log4j 2; December release of Python for VS Code
This past Thursday, December 9th, a 0-day exploit in the Java logging library, log4j (version 2) was discovered. This vulnerability results in Remote Code Execution by logging a certain string.
Opinion
Into the Shadows on MSN14dOpinion
Apache Log4j: The Exploit that Almost Killed the Internet
The Apache Log4j Crisis. Discover the shocking Log4Shell exploit that shook the internet. Learn vital lessons about cybersecurity and safeguarding our digital realm.
CRN3y
10 Technology Vendors Affected By The Log4j Vulnerability
Friday for Cisco Network Services Orchestrator (NSO); and Jan. 2 for Cisco Nexus Dashboard. For the other 31 products affected by the Log4j vulnerability, Cisco said it is continuing to evaluate ...
Hackaday3y
This Week In Security: The Log4j That Won’t Go Away, WebOS, And More
Log4j is now up to 2.17.1, as there is yet another RCE to fix, CVE-2021-44832. This one is only scored a 6.6 on the CVSS scale, as opposed to the original, which weighed in at a 10. 44832 requires ...
SD Times6y
SD Times news digest: OpenAI’s Dactyl approach, Git LFS 2.5, and Apache Log4j 2.11.1
Apache Log4j 2.11.1, the popular framework for logging application behavior, has been released, providing significant improvements over the previous release. It adds new modern features ...
CRN3y
Log4j Exploit Is ‘A Fukushima Moment’ For Cybersecurity: Tenable CTO
CISA urged end users to: upgrade to Log4j version 2.15.0; identify any external facing devices that have Log4j installed; ensure their Security Operations Center (SOC) is taking action on every ...