A minor irritant we’ve discovered in implementing applications for Jboss AS is that that the logging configuration for applications has to go through their monolithic jboss-log4j.xml file.

A North Korean hacking and cyber-espionage operation breached the network of an engineering firm linked to military and energy organisations by exploiting a cybersecurity vulnerability in Log4j.

Months on from a critical zero-day vulnerability being disclosed in the widely-used Java logging library Apache Log4j, a significant number of applications and servers are still vulnerable to ...

A bug in the ubiquitous Log4j library can allow an attacker to execute arbitrary code on any system that uses Log4j to write logs. Does yours? Yesterday the Apache Foundation released an emergency ...

Apache has released another Log4j version, 2.17.1 fixing a newly discovered remote code execution (RCE) vulnerability in 2.17.0, tracked as CVE-2021-44832. Prior to today, 2.17.0 was the most ...

Our recent threat research shows that vulnerabilities like Log4j have become more widespread and a favored attack vector by threat actors. Vulnerability exploitation has become popular for two ...

Learn More Cyberattackers seeking to exploit the widespread vulnerability in Apache Log4j have continued to broaden their reach and have begun attempting attacks that are potentially more severe ...

The entire cybercommunity is on high alert over a security risk that experts are calling one of the worst of our time. In late November, a cloud-security researcher for Chinese tech giant Alibaba ...

Vulnerable Log4j code can be found in products from prominent ... PingCentral customers have been instructed to modify the Log4j2.xml configuration file on each server individually, while ...

Exploit code has been released for a serious code-execution vulnerability in Log4j, an open source logging utility that's used in countless apps, including those used by large enterprise ...