在这个影响软件供应链根基的问题被自动化工具攻克之前，预计将有更多由 Log4j 引发的问题出现。 Log4j 漏洞风波暂平，但下一场暴雷可能已经在路上。 过去这一年，Log4j 频频暴雷。新年伊始，很多朋友可能觉得 Log4j 这事儿已经过去了。不，还没完呢。 2021 年 ...

导语：近日，Apache Log4j 漏洞再次曝光3个高危漏洞，评级均在高危以上。自2021年12月7日公开，Apache Log4j 漏洞被认为是“2021年最重要 近日，Apache Log4j 漏洞再次曝光3个高危漏洞，评级均在高危以上。 自2021年12月7日公开，Apache Log4j 漏洞被认为是“2021年最重要的 ...

Open-source software is everywhere now, but the Log4j flaw that affects Java enterprise applications is a reminder of what can go wrong in the complicated modern software supply chain. The challenge ...

12月11日，360安全大脑监测到有黑客疑似利用Apache Log4j 2漏洞（编号CVE-2021-44228）对Minecraft（游戏名称“我的世界”）Java版发起大规模攻击，最高峰时段每小时有超过10000个玩家遭到了攻击。 据悉，该漏洞危害严重，利用方式简单，影响广泛，凡使用Java应用的用户 ...

2021年12月9日，全球流行度极高的开源软件Apache Java日志框架Log4j爆发了惊天漏洞：攻击者可以利用此漏洞远程执行代码并获得服务器的最高权限。由于Log4j性能好、流行度高，因此被广泛使用在各种开源软件中间件、开发框架、Web程序中。本次漏洞也波及了大量 ...

The number of attacks aiming to take advantage of the recently disclosed security flaw in the Log4j2 Java logging library continues to grow. The vulnerability (CVE-2021-44228) was publicly disclosed ...

Join our daily and weekly newsletters for the latest updates and exclusive content on industry-leading AI coverage. Learn More Jen Easterly, director of the Cybersecurity and Infrastructure Security ...

On December 9, when the Apache Software Foundation disclosed a massive vulnerability in Log4j, its Java logging library, it triggered a cat-and-mouse game as IT professionals raced to secure their ...

Alibaba Group Holding’s cloud computing services unit, which was disciplined by China’s internet security regulator for failing to report a critical software vulnerability in a timely manner, said the ...

Healthcare sector organizations, like entities across other industries, are being warned by federal authorities and others to carefully assess how the recently identified severe remote code execution ...

Check for Log4j vulnerabilities with this simple-to-use script Your email has been sent One great thing about Linux and the open source community is that as soon as a vulnerability is detected, ...