The Next Web

The Log4j bug exposes a bigger issue: Open-source funding (Updated)

Update (December 14 ,2021): We’ve updated this article with information about the new Log4j version release, along with new exploit vectors, and risks related to all Java versions. While you were ...
Dark Reading

How to Prevent the Next Log4j-Style Zero-Day Vulnerability

Software testing is notoriously hard. Search Google for CVEs caused by basic CRLF (newline character) issues and you'll see thousands of entries. Humanity has put a man on the moon, but we still haven ...
SDxCentral

SolarWinds to Log4j: More Risk Management Wake-Up Calls

Cybersecurity practitioners started this year with the struggle of addressing the SolarWinds supply chain attack, and now the Log4j vulnerability is another wake-up call for the need to set up ...