The Record

Google: More than 35,000 Java packages impacted by Log4j vulnerabilities

Google's open-source team said they scanned Maven Central, today's largest Java package repository, and found that 35,863 Java packages use vulnerable versions of the Apache Log4j library. James ...
malaymail

DOE, MetMalaysia to air twice-daily API updates on RTM starting tomorrow

(New users only) It's tax relief season! Get up to RM300 when you save with Versa! Plus, enjoy an additional FREE RM10 when you sign up using code VERSAMM10 with a min. cash-in of RM100 today. T&Cs ...
IEEE

The Log4j Incident: A Comprehensive Measurement Study of a Critical Vulnerability

Abstract: On December 10, 2021, Log4Shell was disclosed to the public and was quickly recognized as a most severe vulnerability. It exploits a bug in the wide-spread Log4j library that allows for ...
CSOonline

Cloudflare report: Log4j remains top target for attacks in 2023

Log4j remained a top attack vector for threat actors in 2023, while a new vulnerability, HTTP/2 Rapid Reset is emerging as a significant threat to organizations, according to Cloudflare’s annual “Year ...
The Globe and Mail

IGI CyberLabs Releases Automatic Update to its Nodeware(R) Solution that Identifies Log4j Vulnerabilities

PITTSFORD, NY / ACCESSWIRE / January 12, 2022 / IGI CyberLabs, a subsidiary of IGI (OTCQB:IMCI), announces that its Nodeware solution now includes industry-leading technology to automatically and ...
ZDNet

Log4j flaw hunt shows how complicated the software supply chain really is

Open-source software is everywhere now, but the Log4j flaw that affects Java enterprise applications is a reminder of what can go wrong in the complicated modern software supply chain. The challenge ...
SecurityWeek

Google Finds 35,863 Java Packages Using Defective Log4j

The computer security industry is bracing for travel on long, bumpy roads littered with Log4j security problems as experts warn that software dependency patching hiccups will slow global mitigation ...