「互联网正在着火」？ 如果你多少关注信息安全资讯，或许在最近几天已经频繁听到Log4Shell这个漏洞的名字——或者一些更具传播性的说法，诸如「互联网正在着火」「过去十年最严重的漏洞」「现代计算机历史上最大漏洞」「难以想到哪家公司不受影响」之类 ...

The ubiquitous Log4j bug will be with us for years. John Hammond, senior security researcher at Huntress, discusses what’s next. Jen Easterly, the director of the Cybersecurity and Infrastructure ...

Amazon Web Services (AWS) has fixed four security issues in its hot patch from December that addressed the critical Log4Shell vulnerability (CVE-2021-44228) affecting cloud or on-premise environments ...

Log4Shell就是一名间谍。 神译局是36氪旗下编译团队，关注科技、商业、职场、生活等领域，重点介绍国外的新技术、新观点、新风向。 编者按：日志很受欢迎，但是用来创建日志的超级通用工具包Log4Shell（普遍称为“Log4J”）可不是个意志坚定的家伙，只要它 ...

The flaw in the application-logging component Log4j known as "Log4Shell" should have been patched by organisations months ago, but some systems that haven't been patched with available updates are ...

An exclusive roundtable of security researchers discuss the specific implications of CVE-2021-44228 for smaller businesses, including what’s vulnerable, what an attack looks like and to how to ...

In a blog post, the company said that CVE-2021-42392 should not be as widespread as Log4Shell, even though it is a critical issue with a similar root cause. JFrog explained that the Java Naming and ...

Log4Shell is a vulnerability found in the feature 'JNDI Lookup' that has been included since version 2.0 beta 9 of Log4j, which dynamically reads a class file from any LDAP server with a specific ...