Another vulnerability found in Log4j, this time it is a denial of service

Log4Shell, recently discovered in the popular logging library Log4j, which is part of the Apache Logging Project, continues to get worse, as another vulnerability has been found. This time it is time a “denial of service” vulnerability. The problem was originally discovered while catching bugs on Minecraft servers, but the Log4j library is present in… Continue reading Another vulnerability found in Log4j, this time it is a denial of service

Experts are already fixing attacks on the Log4Shell vulnerability

Security researchers are already scanning the network looking for products affected by a dangerous bug in the Log4j library and are fixing results of cybercriminals’ attacks on a Log4Shell vulnerability. The vulnerability is already being exploited to deploy miners, Cobalt Strike beacons, and so on. An issue in the popular Log4j logging library included in… Continue reading Experts are already fixing attacks on the Log4Shell vulnerability

0-day in Log4j library poses a threat to many applications and servers

The Apache Software Foundation has released an emergency security update that fixes a 0-day vulnerability (CVE-2021-44228) in the popular Log4j logging library, which is part of the Apache Logging Project. The patch was released as part of the 2.15.0 release. The vulnerability was named Log4Shell and scored 10 out of 10 points on the CVSS… Continue reading 0-day in Log4j library poses a threat to many applications and servers