GitHub

Missing 'file' Appender Configuration in Log4j Properties.

on-jira triagedIssues reviewed by a dev and considered valid. Will be added in Jira.Issues reviewed by a dev and considered valid. Will be added in Jira. The log4j.rootLogger references the 'file' ...
TechRepublic

Log4j postmortem: Developers are taking a hard look at software supply-chain security gaps

Log4j postmortem: Developers are taking a hard look at software supply-chain security gaps Your email has been sent With so many security and developer teams doing postmortems on the Log4j security ...
Network World

Log4j hearing: ‘Open source is not the problem’

The high-tech community is still trying to figure out the long-term impact of the serious vulnerability found late last year in the open-source Apache Log4j software, and so is the US Senate. “Open ...
Dark Reading

Log4j: Getting From Stopgap Remedies to Long-Term Solutions

While the worst of Log4Shell may be behind us and much work remains, let's say "Well done" to the security engineers and managers who labored in the trenches in recent weeks. But if you thought the ...
Computer Weekly

Top three questions about the Log4j vulnerability

In December 2021, a vulnerability in the open source Log4J logging service used by developers to monitor their Java applications first came to light, leaving enterprises scrambling to patch affected ...
Computer Weekly

Almost half of Log4j downloads still dangerously exposed

A month after the disclosure of CVE-2021-44228, aka Log4Shell, a critical vulnerability in the Apache Log4j Java package, up to 40% of new downloads are still at risk of compromise despite the ...
Business Wire

Tanium: The Leading Corporate Solution to Fully Identify and Remediate Log4j Vulnerabilities

KIRKLAND, WA--(BUSINESS WIRE)--Industry experts are naming Log4j one of the most severe internet and computer vulnerabilities they have encountered. The United States Cyber Security and Infrastructure ...
ZDNet

Log4j flaw hunt shows how complicated the software supply chain really is

Open-source software is everywhere now, but the Log4j flaw that affects Java enterprise applications is a reminder of what can go wrong in the complicated modern software supply chain. The challenge ...
Bleeping Computer

Microsoft Defender Log4j scanner triggers false positive alerts

Microsoft Defender for Endpoint is currently showing "sensor tampering" alerts linked to the company's newly deployed Microsoft 365 Defender scanner for Log4j processes. The alerts are reportedly ...
TechSpot

Microsoft Defender gets new functions to fight Log4j

In brief: Microsoft has announced updates for cloud-based versions of its security software to fight the Log4j vulnerability. Log4j has mostly been patched but can still affect some servers that could ...
TechNewsWorld

Deadly Log4j Hole Expands Victim Vulnerability

Beware of the Log4j vulnerability! This nasty software bug has much of the IT world in a panic as it follows us into the New Year. No doubt, many organizations and SMBs with no IT staff are clueless ...